OracleVM 3.2 : xen (OVMSA-2016-0178)
High Nessus Plugin ID 95796
SynopsisThe remote OracleVM host is missing one or more security updates.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
- From: Jan Beulich Subject: x86emul: CMPXCHG8B ignores operand size prefix Otherwise besides mis-handling the instruction, the comparison failure case would result in uninitialized stack data being handed back to the guest in rDX:rAX (32 bits leaked for 32-bit guests, 96 bits for 64-bit ones). This is XSA-200.
SolutionUpdate the affected xen / xen-devel / xen-tools packages.