FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xen-kernel -- Hypervisor memory corruption due to x86 emulator flaw

Affected packages
xen-kernel < 4.5.0_3

Details

VuXML ID 83a28417-27e3-11e5-a4a5-002590263bf5
Discovery 2015-03-10
Entry 2015-07-11

The Xen Project reports:

Instructions with register operands ignore eventual segment overrides encoded for them. Due to an insufficiently conditional assignment such a bogus segment override can, however, corrupt a pointer used subsequently to store the result of the instruction.

A malicious guest might be able to read sensitive data relating to other guests, or to cause denial of service on the host. Arbitrary code execution, and therefore privilege escalation, cannot be excluded.

[source]

References

CVE Name CVE-2015-2151
URL http://xenbits.xen.org/xsa/advisory-123.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.