Xen SYSCALL singlestep Handling Privilege Escalation (XSA-204)

According to its self-reported version number, the Xen hypervisor installed on the remote host is missing a security update. It is, therefore, affected by a privilege elevation vulnerability in the instruction emulator when handling SYSCALL by single-stepping applications. This is due to incorrec...

x86 CMPXCHG8B emulation fails to ignore operand size override

ISSUE DESCRIPTION The x86 instruction CMPXCHG8B is supposed to ignore legacy operand size overrides; it only honors the REX.W override making it CMPXCHG16B. So, the operand size is always 8 or 16. When support for CMPXCHG16B emulation was added to the instruction emulator, this restriction on the...