Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.Referenceshttp://xenbits.xen.org/xsa/advisory-120.htmlhttps://seclists.org/bugtraq/2019/Aug/18https://www.debian.org/security/2019/dsa-4497
