Candidate: CVE-2015-3340
PublicDate: 2015-04-28 14:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340
 http://xenbits.xen.org/xsa/advisory-132.html
Description:
 Xen 4.2.x through 4.5.x does not initialize certain fields, which allows
 certain remote service domains to obtain sensitive information from memory
 via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist
 request.
Ubuntu-Description:
Notes:
 mdeslaur> hypervisor packages are in universe. For
 mdeslaur> issues in the hypervisor, add appropriate
 mdeslaur> tags to each section, ex:
 mdeslaur> Tags_xen: universe-binary
 sbeattie> xen 4.0 and later
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_xen-3.3:
upstream_xen-3.3: ignored (reached end-of-life)
lucid_xen-3.3: not-affected (4.x only)
precise_xen-3.3: DNE
trusty_xen-3.3: DNE
trusty/esm_xen-3.3: DNE
utopic_xen-3.3: DNE
vivid_xen-3.3: DNE
wily_xen-3.3: DNE
devel_xen-3.3: DNE

Patches_xen:
Tags_xen: universe-binary
upstream_xen: needs-triage
lucid_xen: DNE
precise_xen: released (4.1.6.1-0ubuntu0.12.04.6)
trusty_xen: released (4.4.1-0ubuntu0.14.04.6)
trusty/esm_xen: DNE (trusty was released [4.4.1-0ubuntu0.14.04.6])
utopic_xen: released (4.4.1-0ubuntu0.14.10.6)
vivid_xen: released (4.5.0-1ubuntu4.1)
wily_xen: not-affected (4.5.1-0ubuntu1)
devel_xen: not-affected (4.5.1-0ubuntu1)