Information Leakage via Operand Size Prefix in Xen HVM Guests

Information Leakage via Operand Size Prefix in Xen HVM Guests

CVE-2016-9932 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.

Learn more about our User Device Pen Test.