Your submission was sent successfully! Close

CVE-2015-2151

Published: 12 March 2015

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.

Priority

Medium

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (4.1.6.1-0ubuntu0.12.04.5)
trusty Does not exist
(trusty was released [4.4.1-0ubuntu0.14.04.4])
upstream Needed

utopic
Released (4.4.1-0ubuntu0.14.10.4)
vivid
Released (4.5.0-1ubuntu3)
wily
Released (4.5.0-1ubuntu3)
Patches:
upstream: http://xenbits.xen.org/xsa/xsa123.patch (4.4, 4.5)
upstream: http://xenbits.xen.org/xsa/xsa123-4.3-4.2.patch (4.3, 4.2)
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise Does not exist

trusty Does not exist

upstream Ignored
(reached end-of-life)
utopic Does not exist

vivid Does not exist

wily Does not exist

Binaries built from this source package are in Universe and so are supported by the community.