Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4368HistoryOct 17, 2013 - 11:55 p.m.
CVE-2013-4368
2013-10-1723:55:00
Debian Security Bug Tracker
security-tracker.debian.org
13
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
24.7%
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 11 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 10 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 999 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
| Debian | 13 | all | xen | < 4.4.0-1 | xen_4.4.0-1_all.deb |
Related
nessus
nessus
OracleVM 3.1 : xen (OVMSA-2013-0073)
2014-11-26 00:00:00
OracleVM 2.2 : xen (OVMSA-2013-0075)
2014-11-26 00:00:00
OracleVM 3.2 : xen (OVMSA-2013-0072)
2014-11-26 00:00:00
cve
cve
CVE-2013-4368
2013-10-17 23:55:00
prion
prion
Design/Logic Flaw
2013-10-17 23:55:00
ubuntucve
ubuntucve
CVE-2013-4368
2013-10-17 00:00:00
xen
xen
Information leak through outs instruction emulation
2013-10-10 12:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2013-1790)
2015-10-06 00:00:00
RedHat Update for kernel RHSA-2013:1449-01
2013-10-29 00:00:00
CentOS Update for kernel CESA-2013:1449 centos5
2013-10-29 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2013-12-05 00:00:00
kernel security and bug fix update
2013-10-22 00:00:00
kernel security and bug fix update
2013-10-22 00:00:00
redhat
redhat
(RHSA-2013:1449) Moderate: kernel security and bug fix update
2013-10-22 00:00:00
centos
centos
kernel security update
2013-10-23 00:10:49
suse
suse
Security update for Xen (important)
2014-03-20 13:04:14
Security update for Xen (important)
2014-04-01 20:04:15
Security update for Xen (important)
2014-03-25 23:04:15
fedora
fedora
[SECURITY] Fedora 19 Update: xen-4.2.3-4.fc19
2013-10-23 03:41:38
[SECURITY] Fedora 19 Update: xen-4.2.3-7.fc19
2013-11-11 02:31:09
[SECURITY] Fedora 19 Update: xen-4.2.3-8.fc19
2013-11-21 04:37:38
osv
osv
xen - security update
2014-08-18 00:00:00
debian
debian
[SECURITY] [DSA 3006-1] xen security update
2014-08-18 12:41:52
gentoo
gentoo
Xen: Multiple Vunlerabilities
2014-07-16 00:00:00
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
24.7%
Related for DEBIANCVE:CVE-2013-4368