Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-4361
HistoryOct 01, 2013 - 12:00 a.m.

CVE-2013-4361

2013-10-0100:00:00
ubuntu.com
ubuntu.com
6

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

25.5%

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the
correct variable for the source effective address, which allows local HVM
guests to obtain hypervisor stack information by reading the values used by
the instruction.

Notes

Author Note
mdeslaur this is xsa-66
OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchxen< 4.1.5-0ubuntu0.12.04.2UNKNOWN
ubuntu12.10noarchxen< 4.1.5-0ubuntu0.12.10.2UNKNOWN
ubuntu13.04noarchxen< 4.2.2-0ubuntu0.13.04.2UNKNOWN
ubuntu13.10noarchxen< 4.3.0-1ubuntu1.1UNKNOWN

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

25.5%