CVE-2016-7777

Priority
Description
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which
allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM
register state information belonging to arbitrary tasks on the guest by
modifying an instruction while the hypervisor is preparing to emulate it.
Notes
sbeattieThe vulnerability is only exposed to x86 HVM guests.
Package
Source: xen (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [4.4.2-0ubuntu0.14.04.7])
Ubuntu 16.04 LTS (Xenial Xerus):released (4.6.0-1ubuntu4.2)
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2020-03-18 22:46:30 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)