|
|
Subscribe / Log in / New account

xen: information leak

Package(s):xen CVE #(s):CVE-2013-1442
Created:October 7, 2013 Updated:October 9, 2013
Description: From the CVE entry:

Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers.

Alerts:
Debian DSA-3006-1 xen 2014-08-18
Gentoo 201407-03 xen 2014-07-16
SUSE SUSE-SU-2014:0446-1 Xen 2014-03-25
openSUSE openSUSE-SU-2013:1953-1 xen 2013-12-25
CentOS CESA-2013:X013 xen 2013-11-25
openSUSE openSUSE-SU-2013:1636-1 xen 2013-11-07
Fedora FEDORA-2013-17689 xen 2013-10-06
Fedora FEDORA-2013-17704 xen 2013-10-06
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds