Candidate: CVE-2013-4361
PublicDate: 2013-10-01 17:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4361
 http://lists.xen.org/archives/html/xen-announce/2013-09/msg00006.html
Description:
 The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the
 correct variable for the source effective address, which allows local HVM
 guests to obtain hypervisor stack information by reading the values used by
 the instruction.
Ubuntu-Description:
Notes:
 mdeslaur> this is xsa-66
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_xen-3.3:
Tags_xen-3.3: universe-binary
upstream_xen-3.3: ignored (reached end-of-life)
lucid_xen-3.3: not-affected
precise_xen-3.3: DNE
quantal_xen-3.3: DNE
raring_xen-3.3: DNE
saucy_xen-3.3: DNE
devel_xen-3.3: DNE

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needs-triage
lucid_xen: DNE
precise_xen: released (4.1.5-0ubuntu0.12.04.2)
quantal_xen: released (4.1.5-0ubuntu0.12.10.2)
raring_xen: released (4.2.2-0ubuntu0.13.04.2)
saucy_xen: released (4.3.0-1ubuntu1.1)
devel_xen: released (4.3.0-1ubuntu2)