OVMSA-2016-0177 - xen security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2016-12-13 |
Description
[4.3.0-55.el6.119.63]
- From: Jan Beulich
Subject: x86emul: CMPXCHG8B ignores operand size prefix
Otherwise besides mis-handling the instruction, the comparison failure
case would result in uninitialized stack data being handed back to the
guest in rDX:rAX (32 bits leaked for 32-bit guests, 96 bits for 64-bit
ones).
This is XSA-200.
Signed-off-by: Jan Beulich
Backported-by: Zhenzhong Duan
Reviewed-by: Boris Ostrovsky [bug 25180312]
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | xen-4.3.0-55.el6.119.63.src.rpm | 9172dc1c4df244ac44ac67ffbeccf1eb23020d7d93e76bc3a87380366f6bbea3 | OVMBA-2024-0012 | ovm3_x86_64_3.3_patch |
| xen-4.3.0-55.el6.119.63.x86_64.rpm | eb80e227a677e26331ea3392e7c43f48a574a886c02db87821894650153680e2 | OVMBA-2024-0012 | ovm3_x86_64_3.3_patch |
| xen-tools-4.3.0-55.el6.119.63.x86_64.rpm | 512d68138fcd8da66a3d245516746289620654860028b266ed34be82a22db2b7 | OVMBA-2024-0012 | ovm3_x86_64_3.3_patch |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
