Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number.
{ "binaries": [ { "binary_name": "libxen-4.4", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "libxen-4.4-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "libxen-dev", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "libxen-ocaml", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "libxen-ocaml-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "libxen-ocaml-dev", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "libxenstore3.0", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "libxenstore3.0-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-hypervisor-4.1-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-hypervisor-4.3-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-hypervisor-4.3-armhf", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-hypervisor-4.4-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-hypervisor-4.4-arm64", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-hypervisor-4.4-armhf", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-system-amd64", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-system-arm64", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-system-armhf", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-utils-4.4", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-utils-4.4-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xen-utils-common", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xenstore-utils", "binary_version": "4.4.2-0ubuntu0.14.04.7" }, { "binary_name": "xenstore-utils-dbgsym", "binary_version": "4.4.2-0ubuntu0.14.04.7" } ], "availability": "No subscription required" }