[3.4] xen: Security issues (CVE-2016-3157, CVE-2016-3158, CVE-2016-3159, CVE-2016-3960, CVE-2016-3961)ID: oval:org.secpod.oval:def:1800268 | Date: (C)2018-03-29 (M)2023-12-07 |
Class: PATCH | Family: unix |
CVE-2016-3157, XSA-171: I/O port access privilege escalation in x86-64 Linux IRET and POPF do not modify EFLAGS.IOPL when executed by code at a privilege level other than zero. Since PV Xen guests run at privilege level 3 , to compensate for this the context switching of EFLAGS.IOPL requires the guest to make use of a dedicated hypercall . The invocation of this hypercall, while present in the 32-bit context switch path, is missing from its 64-bit counterpart.
Platform: |
Alpine Linux 3.4 |