Описание
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 4.3.0-1ubuntu2 |
| lucid | DNE | |
| precise | released | 4.1.5-0ubuntu0.12.04.2 |
| quantal | released | 4.1.5-0ubuntu0.12.10.2 |
| raring | released | 4.2.2-0ubuntu0.13.04.2 |
| saucy | released | 4.3.0-1ubuntu1.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| lucid | ignored | end of life |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | ignored | end of life |
Показывать по
EPSS
1.9 Low
CVSS2
Связанные уязвимости
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register.
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register.
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier ...
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register.
ELSA-2013-1449: kernel security and bug fix update (MODERATE)
EPSS
1.9 Low
CVSS2