Uninitialized Memory Disclosure in Xen USB Backend Driver

Uninitialized Memory Disclosure in Xen USB Backend Driver

CVE-2015-0777 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.