DEBIAN-CVE-2013-1442

DEBIAN-CVE-2013-1442 PUBLISHED CVSS 8.699999809265137 HIGH

Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers.

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Debian:13	xen	0, 0, 0
Debian:14	xen	0, 0, 0
Debian:11	xen	0, 0, 0
Debian:12	xen	0, 0, 0

Timeline

Sep 30, 2013 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2013-1442 advisory

Open in Interactive Console →