CVE-2014-4021

Опубликовано: 17 июн. 2014

Источник: redhat

CVSS2: 2.3

Описание

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.

It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-244

https://bugzilla.redhat.com/show_bug.cgi?id=1103646xen: Hypervisor heap contents leaked to guests (xsa-100)

2.3 Low

CVSS2

Связанные уязвимости

CVE-2014-4021

ubuntu

около 11 лет назад

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.

CVE-2014-4021

nvd

около 11 лет назад

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.

CVE-2014-4021

debian

около 11 лет назад

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered ...

GHSA-h82g-hrcm-j7gq

github

около 3 лет назад

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.

ELSA-2014-0926

oracle-oval

почти 11 лет назад

ELSA-2014-0926: kernel security and bug fix update (MODERATE)

2.3 Low

CVSS2