Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-2044

The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.

Related bugs and status

CVE-2015-2044 (Candidate) is related to these bugs:

Bug #1476666: [MRE] Rebase Xen-4.4 to upstream stable 4.4.2

Summary				In	Importance	Status
	1476666	[MRE] Rebase Xen-4.4 to upstream stable 4.4.2		xen (Ubuntu)	Medium	Invalid
	1476666	[MRE] Rebase Xen-4.4 to upstream stable 4.4.2		xen (Ubuntu Trusty)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://xenbits.xen.org...
SECTRACK: 1031836
DEBIAN: DSA-3181
SECTRACK: 1031806
FEDORA: FEDORA-2015-3721
FEDORA: FEDORA-2015-3935
FEDORA: FEDORA-2015-3944
BID: 72954
CONFIRM: http://support.citrix....
CONFIRM: http://www1.huawei.com...
GENTOO: GLSA-201504-04
SUSE: openSUSE-SU-2015:0732