Alpine: multiple xen packages: security update to 4.6.1-r0 (deprecated)

high Tenable Self-Hosted Container Security Plugin ID 401048

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES
bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register
content information from another guest by leveraging pending exception and mask bits. NOTE: this
vulnerability exists because of an incorrect fix for CVE-2013-2076. (CVE-2016-3158)

- The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware
FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive
register content information from another guest by leveraging pending exception and mask bits. NOTE: this
vulnerability exists because of an incorrect fix for CVE-2013-2076. (CVE-2016-3159)

- Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of
service (host crash) or possibly gain privileges by shadowing a superpage mapping. (CVE-2016-3960)

See Also

https://git.alpinelinux.org/aports/commit/?id=40a3ee6c24583c262a4a8390459526dc40832862

https://git.alpinelinux.org/aports/commit/?id=a934752afd105d82544d8a0d229e2347276e995b

Plugin Details

Severity: High

ID: 401048

Version: Revision 1.23

Type: Local

Published: 8/16/2023

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 5

Percentile: 95.11

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-3960

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 5/9/2016

Vulnerability Publication Date: 3/24/2016

Reference Information

CVE: CVE-2016-3158, CVE-2016-3159, CVE-2016-3960

BID: 85714, 85716, 86318