2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
26.5%
The Xen Project reports:
The code handling certain sub-operations of the
HYPERVISOR_xen_version hypercall fails to fully initialize all
fields of structures subsequently copied back to guest memory. Due
to this hypervisor stack contents are copied into the destination of
the operation, thus becoming visible to the guest.
A malicious guest might be able to read sensitive data relating to
other guests.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | xen-kernel | < 4.5.0_3 | UNKNOWN |