CVE-2015-2151

Published: 12 March 2015

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.

Priority

Medium

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.1-0ubuntu0.14.04.4])
Patches:
Upstream: http://xenbits.xen.org/xsa/xsa123.patch (4.4, 4.5)
Upstream: http://xenbits.xen.org/xsa/xsa123-4.3-4.2.patch (4.3, 4.2)
Binaries built from this source package are in Universe and so are supported by the community.
xen-3.3
Launchpad, Ubuntu, Debian
Upstream Ignored
(reached end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Binaries built from this source package are in Universe and so are supported by the community.