Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Xen
Опубликовано:15 марта 2015 г.
Источник:
SecurityVulns ID:14307
Тип:локальная
Уровень опасности:
6/10
Описание:Утечка информации, DoS, повышение привилегий.
Затронутые продукты:XEN : Xen 3.2
 XEN : Xen 4.5
CVE:CVE-2015-2151 (The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.)
 CVE-2015-2045 (The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.)
 CVE-2015-2044 (The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3181-1] xen security update (15.03.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород