CVE-2013-4361

Published: 01 October 2013

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.

Priority

Low

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.3.0-1ubuntu2)
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
Upstream Ignored
(reached end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Binaries built from this source package are in Universe and so are supported by the community.