This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
The Xen Project reports:
The Xen x86 emulator erroneously failed to consider the unusability of
segments when performing memory accesses.
The intended behaviour is as follows: The user data segment (%ds, %es,
%fs and %gs) selectors may be NULL in 32-bit to prevent access. In
64-bit, NULL has a special meaning for user segments, and there is no
way of preventing access. However, in both 32-bit and 64-bit, a NULL
LDT system segment is intended to prevent access.
On Intel hardware, loading a NULL selector zeros the base as well as
most attributes, but sets the limit field to its largest possible
value. On AMD hardware, loading a NULL selector zeros the attributes,
leaving the stale base and limit intact.
Xen may erroneously permit the access using unexpected base/limit
Ability to exploit this vulnerability on Intel is easy, but on AMD
depends in a complicated way on how the guest kernel manages LDTs.
An unprivileged guest user program may be able to elevate its
privilege to that of the guest operating system.
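The segment behaviour described in the report, as an added C model (not code from Xen or from this plugin): it contrasts a memory-access check that trusts only the cached base/limit with one that first considers whether the segment is usable. All type and function names are hypothetical, and collapsing the segment attributes into a single `usable` flag is a simplifying assumption.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model for illustration; every name here is hypothetical, not Xen's. */
enum vendor { INTEL, AMD };
enum seg_kind { SEG_USER_DATA, SEG_LDT };  /* %ds/%es/%fs/%gs vs. the LDT system segment */

struct seg_reg {
    uint64_t base;
    uint32_t limit;
    bool     usable;   /* assumption: one flag standing in for the attribute state */
};

/* Cached state after a NULL selector load, following the vendor behaviour in the report. */
static void load_null(struct seg_reg *s, enum vendor v)
{
    s->usable = false;
    if (v == INTEL) {
        s->base = 0;
        s->limit = 0xFFFFFFFFu;  /* limit set to its largest possible value */
    }                            /* AMD: stale base and limit are left intact */
}

/* Flawed check: looks only at the cached limit and ignores usability. */
static bool access_ok_limit_only(const struct seg_reg *s, uint32_t off, uint32_t len)
{
    return len != 0 && off <= s->limit && len - 1 <= s->limit - off;
}

/* Usability-aware check: refuse an unusable segment before consulting base/limit. */
static bool access_ok(const struct seg_reg *s, enum seg_kind k, bool long_mode,
                      uint32_t off, uint32_t len)
{
    if (k == SEG_USER_DATA && long_mode)
        return len != 0;         /* 64-bit: NULL user segments cannot prevent access */
    if (!s->usable)
        return false;            /* NULL LDT in either mode, or NULL user segment in 32-bit */
    return access_ok_limit_only(s, off, len);
}

int main(void)
{
    struct seg_reg ldt = { 0x5000, 0xFFF, true };  /* constructed sample state */
    load_null(&ldt, AMD);
    printf("limit-only: %d, usability-aware: %d\n",
           access_ok_limit_only(&ldt, 0x10, 8), access_ok(&ldt, SEG_LDT, true, 0x10, 8));
    return 0;
}
```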
See also:
Update the affected package.
Risk factor:
Medium / CVSS Base Score: 4.6