CVE-2013-4368
Published: 17 October 2013
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register.
Priority
Status
Package | Release | Status |
---|---|---|
xen Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(4.3.0-1ubuntu2)
|
|
Binaries built from this source package are in Universe and so are supported by the community. | ||
xen-3.3 Launchpad, Ubuntu, Debian |
Upstream |
Ignored
(reached end-of-life)
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
Binaries built from this source package are in Universe and so are supported by the community. |