Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2). Rated low severity (CVSS 2.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Information Disclosure
Xen
Suse Linux Enterprise Software Development Kit
Suse Linux Enterprise Desktop
Suse Linux Enterprise Server
+5
NVD
CVSS 2.0
2.9
EPSS
0.6%