Local Guest Domain Vulnerability in Xen Hypervisor by Citrix
CVE-2015-8555
8.6HIGH
Summary
Xen Hypervisor versions 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier are vulnerable due to improper initialization of the x86 FPU stack and XMM registers. This vulnerability can allow local guest domains to gain unauthorized access to sensitive information from other domains, potentially exploiting unspecified vectors. Users of affected versions are encouraged to implement the necessary updates and patches to safeguard their environments.
References
CVSS V3.1
Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved