CVE-2015-2045

Published: 12 March 2015

The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.

Priority

Status

Package	Release	Status
xen Launchpad, Ubuntu, Debian	Upstream	Needed





	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was released [4.4.1-0ubuntu0.14.04.4])
	Patches: Upstream: http://xenbits.xen.org/xsa/xsa122.patch
	Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3 Launchpad, Ubuntu, Debian	Upstream	Ignored (reached end-of-life)





	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
	Patches: Upstream: http://xenbits.xen.org/xsa/xsa122.patch
	Binaries built from this source package are in Universe and so are supported by the community.

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

CVE-2015-2045

Medium

Status

References

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading