4 matches found
OracleVM 3.1 : xen (OVMSA-2013-0043)
The remote OracleVM system is missing necessary patches to address critical security updates : - x86/xsave: properly check guest input to XSETBV Other than the HVM emulation path, the PV case so far failed to check that YMM state requires SSE state to be enabled, allowing for a GP to occur upon...
Fedora 19 : xen-4.2.2-6.fc19 (2013-9986)
Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-52, CVE-2013-2076 970206 Hypervisor crash due to missing exception recovery on XRSTOR XSA-53, CVE-2013-2077 970204 Hypervisor crash due to missing exception recovery on XSETBV XSA-54, CVE-2013-2078 970202 Multiple vulnerabilities in libelf PV...
Fedora 18 : xen-4.2.2-6.fc18 (2013-10136)
Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-52, CVE-2013-2076 970206 Hypervisor crash due to missing exception recovery on XRSTOR XSA-53, CVE-2013-2077 970204 Hypervisor crash due to missing exception recovery on XSETBV XSA-54, CVE-2013-2078 970202 Multiple vulnerabilities in libelf PV...
Hypervisor crash due to missing exception recovery on XRSTOR
ISSUE DESCRIPTION Processors do certain validity checks on the data passed to XRSTOR. While the hypervisor controls the placement of that memory block, it doesn't restrict the contents in any way. Thus the hypervisor exposes itself to a fault occurring on XRSTOR. Other than for FXRSTOR, which...