CVE-2015-2045

Published: 12 March 2015

The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.

Priority

Medium

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.1-0ubuntu0.14.04.4])
Patches:
Upstream: http://xenbits.xen.org/xsa/xsa122.patch
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
Upstream Ignored
(reached end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Patches:
Upstream: http://xenbits.xen.org/xsa/xsa122.patch
Binaries built from this source package are in Universe and so are supported by the community.