6.2 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
23.2%
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.
lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html
support.citrix.com/article/CTX200484
www.debian.org/security/2015/dsa-3181
www.securityfocus.com/bid/72954
www.securitytracker.com/id/1031806
www.securitytracker.com/id/1031836
www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm
xenbits.xen.org/xsa/advisory-121.html
lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html
lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html
lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html
security.gentoo.org/glsa/201504-04