The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
Related bugs and status
CVE-2015-2045 (Candidate)
is related to these bugs: