FreeBSD : xen-kernel -- x86 task switch to VM86 mode mis-handled (523bb0b7-ba4d-11e6-ae1b-002590263bf5)
Medium Nessus Plugin ID 95506
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe Xen Project reports :
LDTR, just like TR, is purely a protected mode facility. Hence even when switching to a VM86 mode task, LDTR loading needs to follow protected mode semantics. This was violated by the code.
On SVM (AMD hardware): a malicious unprivileged guest process can escalate its privilege to that of the guest operating system.
On both SVM and VMX (Intel hardware): a malicious unprivileged guest process can crash the guest.
SolutionUpdate the affected package.