2 matches found
possible memory corruption via failsafe callback
ISSUE DESCRIPTION Under certain special conditions Xen reports an exception resulting from returning to guest mode not via ordinary exception entry points, but via a so call failsafe callback. This callback, unlike exception handlers, takes 4 extra arguments on the stack the saved data selectors...
CVE-2016-3157
The switchto function in arch/x86/kernel/process64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service guest OS crash, or obtain sensitive information by leveraging I/O port access...