CVE 2016-7777
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.
Related bugs and status
CVE-2016-7777 (Candidate) is related to these bugs:
Bug #1396670: gdbsx missing
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1396670 | gdbsx missing | xen (Ubuntu) | Medium | Fix Released | ||
1396670 | gdbsx missing | xen (Ubuntu Yakkety) | Medium | Fix Released |
Bug #1671760: Xen HVM guests running linux 4.10 fail to boot on Intel hosts
Bug #1671864: Xen stable update to 4.6.5
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu) | Medium | Invalid | ||
1671864 | Xen stable update to 4.6.5 | xen (Ubuntu Xenial) | Medium | Fix Released |
Bug #1672767: Xen stable update to 4.7.2
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1672767 | Xen stable update to 4.7.2 | xen (Ubuntu) | Medium | Invalid | ||
1672767 | Xen stable update to 4.7.2 | xen (Ubuntu Yakkety) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.