Your submission was sent successfully! Close

CVE-2015-2045

Published: 12 March 2015

The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.

Priority

Medium

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (4.1.6.1-0ubuntu0.12.04.5)
trusty Does not exist
(trusty was released [4.4.1-0ubuntu0.14.04.4])
upstream Needed

utopic
Released (4.4.1-0ubuntu0.14.10.4)
vivid
Released (4.5.0-1ubuntu3)
wily
Released (4.5.0-1ubuntu3)
Patches:
upstream: http://xenbits.xen.org/xsa/xsa122.patch

Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise Does not exist

trusty Does not exist

upstream Ignored
(reached end-of-life)
utopic Does not exist

vivid Does not exist

wily Does not exist

Patches:

upstream: http://xenbits.xen.org/xsa/xsa122.patch
Binaries built from this source package are in Universe and so are supported by the community.