Vulnerability Description
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory via unspecified vectors.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xen | Xen | 3.4.0 |
| Linux | Linux Kernel | 2.6.18 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
- http://www.securityfocus.com/bid/73921
- https://bugzilla.novell.com/show_bug.cgi?id=917830
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
- http://www.securityfocus.com/bid/73921
- https://bugzilla.novell.com/show_bug.cgi?id=917830
FAQ
What is CVE-2015-0777?
CVE-2015-0777 is a vulnerability with a CVSS score of 2.1 (LOW). drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows g...
How severe is CVE-2015-0777?
CVE-2015-0777 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0777?
Check the references section above for vendor advisories and patch information. Affected products include: Xen Xen, Linux Linux Kernel.