CVE-2013-4361

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2013-4361

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-4361.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2013-4361

Related

Published

2013-10-01T17:55:03Z

Modified

2024-09-18T01:00:21Z

Summary

[none]

Details

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.

References

Affected packages

Debian:11 / xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / xen

Package

Name: xen
Purl: pkg:deb/debian/xen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}