FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
5555120d-ba4d-11e6-ae1b-002590263bf5xen-kernel -- guest 32-bit ELF symbol table load leaking host data

The Xen Project reports:

Along with their main kernel binary, unprivileged guests may arrange to have their Xen environment load (kernel) symbol tables for their use. The ELF image metadata created for this purpose has a few unused bytes when the symbol table binary is in 32-bit ELF format. These unused bytes were not properly cleared during symbol table loading.

A malicious unprivileged guest may be able to obtain sensitive information from the host.

The information leak is small and not under the control of the guest, so effectively exploiting this vulnerability is probably difficult.


Discovery 2016-11-22
Entry 2016-12-04
xen-kernel
ge 4.7 lt 4.7.1

CVE-2016-9384
ports/214936
https://xenbits.xen.org/xsa/advisory-194.html