CVE-2017-15589

Priority
Description
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS
users to obtain sensitive information from the host OS (or an arbitrary
guest OS) because intercepted I/O operations can cause a write of data from
uninitialized hypervisor stack memory.
Notes
mdeslaurhypervisor packages are in universe. For
issues in the hypervisor, add appropriate
tags to each section, ex:
Tags_xen: universe-binary
Package
Source: xen (LP Ubuntu Debian)
Upstream:released (4.9.1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.6.4-0ubuntu1.4)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.9.2-0ubuntu1)
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2020-09-10 05:38:04 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)