vulnerability

FreeBSD: VID-e839ca04-b40d-11e5-9728-002590263bf5 (CVE-2015-8555): xen-kernel -- information leak in legacy x86 FPU/XMM initialization

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Jan 6, 2016	Dec 10, 2025	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Jan 6, 2016

Added

Dec 10, 2025

Modified

Dec 10, 2025

Description

The Xen Project reports: When XSAVE/XRSTOR are not in use by Xen to manage guest extended register state, the initial values in the FPU stack and XMM registers seen by the guest upon first use are those left there by the previous user of those registers. A malicious domain may be able to leverage this to obtain sensitive information such as cryptographic keys from another domain.

Solution

freebsd-upgrade-package-xen-kernel

References

CVE-2015-8555
https://attackerkb.com/topics/CVE-2015-8555
CWE-200

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today