Uninitialized x86 FPU Stack and XMM Registers Vulnerability in Xen 4.6.x and Earlier

Uninitialized x86 FPU Stack and XMM Registers Vulnerability in Xen 4.6.x and Earlier

CVE-2015-8555 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.