FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xen-kernel -- x86 HVM: Overflow of sh_ctxt->seg_reg[]

Affected packages
xen-kernel < 4.7.1

Details

VuXML ID: 4aae54be-ba4d-11e6-ae1b-002590263bf5
Discovery: 2016-09-08
Entry: 2016-12-04

The Xen Project reports:

x86 HVM guests running with shadow paging use a subset of the x86 emulator to handle the guest writing to its own pagetables. There are situations a guest can provoke which result in exceeding the space allocated for internal state.

A malicious HVM guest administrator can cause Xen to fail a bug check, causing a denial of service to the host.

References

CVE Name: CVE-2016-7094
FreeBSD PR: ports/214936
URL: https://xenbits.xen.org/xsa/advisory-187.html