Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-2045

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2015-2045
Last Modified 25 Mar 2015 10:01:10
Published 12 Mar 2015 10:59:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2015-2045

Summary

The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.

Vulnerable Systems

Operating System

  • Debian Linux 7.0

  • Xen 3.2.0

  • Xen 3.2.1

  • Xen 3.2.2

  • Xen 3.2.3

  • Xen 3.3.0

  • Xen 3.3.1

  • Xen 3.3.2

  • Xen 3.4.0

  • Xen 3.4.1

  • Xen 3.4.2

  • Xen 3.4.3

  • Xen 3.4.4

  • Xen 4.0.0

  • Xen 4.0.1

  • Xen 4.0.2

  • Xen 4.0.3

  • Xen 4.0.4

  • Xen 4.1.0

  • Xen 4.1.1

  • Xen 4.1.2

  • Xen 4.1.3

  • Xen 4.1.4

  • Xen 4.1.5

  • Xen 4.1.6.1

  • Xen 4.2.0

  • Xen 4.2.1

  • Xen 4.2.2

  • Xen 4.2.3

  • Xen 4.3.0

  • Xen 4.3.1

  • Xen 4.4.0

  • Xen 4.4.1

  • Xen 4.5.0


References

CONFIRM - http://xenbits.xen.org/xsa/advisory-122.html

SECTRACK - 1031837

DEBIAN - DSA-3181

SECTRACK - 1031806

FEDORA - FEDORA-2015-3944

FEDORA - FEDORA-2015-3721

FEDORA - FEDORA-2015-3935


Last Updated: 27 May 2016 11:08:08