FreeBSD : xen-kernel -- x86 64-bit bit test instruction emulation broken (56f0f11e-ba4d-11e6-ae1b-002590263bf5)
High Nessus Plugin ID 95509
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
The Xen Project reports:
The x86 instructions BT, BTC, BTR, and BTS, when used with a destination memory operand and a source register rather than an immediate operand, access a memory location offset from that specified by the memory operand as specified by the high bits of the register source.
A malicious guest can modify arbitrary memory, allowing for arbitrary code execution (and therefore privilege escalation affecting the whole host), a crash of the host (leading to a DoS), or information leaks.
The vulnerability is sometimes exploitable by unprivileged guest user processes.
Solution
Update the affected package.
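
The addressing rule in the description, as an added C example (not code from the Xen Project, FreeBSD or the Nessus plugin): it follows the architectural definition of BT/BTC/BTR/BTS to compute which word and bit a register-source bit test touches. The names `bt_resolve` and `bt_access_ok`, the window check and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Location touched by BT/BTC/BTR/BTS with a memory destination and a
 * register bit offset, per the architectural definition of the instructions. */
struct bt_target {
    uint64_t addr; /* address of the operand-sized word that is accessed */
    unsigned bit;  /* bit index inside that word */
};

/* base: address given by the memory operand; reg: raw source register;
 * op_bytes: operand size in bytes (2, 4 or 8). */
static struct bt_target bt_resolve(uint64_t base, uint64_t reg, unsigned op_bytes)
{
    struct bt_target t;
    int64_t off, words;
    unsigned bits = op_bytes * 8;

    /* The bit offset is the register truncated to operand size, signed. */
    switch (op_bytes) {
    case 2:  off = (int16_t)(uint16_t)reg; break;
    case 4:  off = (int32_t)(uint32_t)reg; break;
    default: off = (int64_t)reg;           break;
    }
    t.bit = (unsigned)((uint64_t)off & (bits - 1));
    /* off - bit is an exact multiple of bits, so this is floor division. */
    words = (off - (int64_t)t.bit) / (int64_t)bits;
    t.addr = base + (uint64_t)words * op_bytes;
    return t;
}

/* Hypothetical emulator-side check: is the word actually accessed inside
 * the window [lo, lo + len)? It must test the resolved address, not base. */
static int bt_access_ok(uint64_t base, uint64_t reg, unsigned op_bytes,
                        uint64_t lo, uint64_t len)
{
    struct bt_target t = bt_resolve(base, reg, op_bytes);
    return t.addr >= lo && len >= op_bytes && t.addr - lo <= len - op_bytes;
}

int main(void)
{
    /* Constructed sample values. */
    uint64_t base = 0x1000, regs[] = { 5, 64, UINT64_MAX, 0x100000003ULL };
    for (unsigned i = 0; i < 4; i++) {
        struct bt_target t = bt_resolve(base, regs[i], 8);
        printf("reg=%#llx -> addr=%#llx bit=%u\n", (unsigned long long)regs[i],
               (unsigned long long)t.addr, t.bit);
    }
    return 0;
}
```

With a 64-bit operand the same register value that stays inside the operand's word at 32-bit size lands far outside it, which is why the range check has to be made on the resolved address.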