CVE-2015-0361
Published: 7 January 2015
Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service (system crash) via a crafted hypercall during HVM guest teardown.
Notes
| Author | Note |
|---|---|
| mdeslaur | 4.2+ |
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
xen Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Not vulnerable
(4.1.6.1-0ubuntu0.12.04.4)
|
|
| trusty |
Does not exist
(trusty was released [4.4.1-0ubuntu0.14.04.4])
|
|
| upstream |
Needs triage
|
|
| utopic |
Released
(4.4.1-0ubuntu0.14.10.4)
|
|
| vivid |
Released
(4.5.0-1ubuntu3)
|
|
| Binaries built from this source package are in Universe and so are supported by the community. | ||
|
xen-3.3 Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(reached end-of-life)
|
|
| utopic |
Does not exist
|
|
| vivid |
Does not exist
|
|
| Binaries built from this source package are in Universe and so are supported by the community. | ||