Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:36326
HistoryJul 12, 2022 - 6:12 a.m.

Sensitive Information Disclosure

2022-07-1206:12:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
26
xen
sensitive information disclosure
linux
block table
memory regions
information disclosure
grant table
4k pages
backends

EPSS

0.001

Percentile

27.5%

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page.