CVE-2013-1442
Published Sep 30, 2013
Last updated 8 years ago
Overview
- Description
- Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers.
- Source
- security@debian.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 1.2
- Impact score
- 2.9
- Exploitability score
- 1.9
- Vector string
- AV:L/AC:H/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22A995FD-9B7F-4DF0-BECF-4B086E470F1E"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "219597E2-E2D7-4647-8A7C-688B96300158"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2448537F-87AD-45C1-9FB0-7A49CA31BD76"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E36B2265-70E1-413B-A7CF-79D39E9ADCFB"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D"
}
],
"operator": "OR"
}
]
}
]