Lucene search

[email protected]CVE-2015-0777

HistoryApr 05, 2015 - 9:59 p.m.

CVE-2015-0777

2015-04-0521:59:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2015-0777

linux kernel

xen 3.4.x

suse linux

information security

memory vulnerability

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors.

Affected configurations

NVD

Node

xenxenMatch3.4.0

xenxenMatch3.4.1

xenxenMatch3.4.2

xenxenMatch3.4.3

xenxenMatch3.4.4

AND

linuxlinux_kernelMatch2.6.18

CPENameOperatorVersion
xen:xenxeneq3.4.0
xen:xenxeneq3.4.1
xen:xenxeneq3.4.2
xen:xenxeneq3.4.3
xen:xenxeneq3.4.4

CPE	Name	Operator	Version
xen:xen	xen	eq	3.4.0
xen:xen	xen	eq	3.4.1
xen:xen	xen	eq	3.4.2
xen:xen	xen	eq	3.4.3
xen:xen	xen	eq	3.4.4

References

lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html

www.securityfocus.com/bid/73921

bugzilla.novell.com/show_bug.cgi?id=917830

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for CVE-2015-0777

f52 redhatcve1 ubuntucve2 nvd2 debiancve2 prion2 cvelist2 suse7 nessus7 openvas8 cve1 ibm1