Lucene search

K
cveMitreCVE-2015-6654
HistorySep 03, 2015 - 2:59 p.m.

CVE-2015-6654

2015-09-0314:59:10
CWE-264
mitre
web.nvd.nist.gov
38
cve-2015-6654
xen
denial of service
remote domains
permissions
memory mapping

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

20.8%

The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest.

Affected configurations

Nvd
Node
xenxenMatch4.4.0
OR
xenxenMatch4.5.0
OR
xenxenMatch4.5.1
VendorProductVersionCPE
xenxen4.4.0cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*
xenxen4.5.0cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*
xenxen4.5.1cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

8.2

Confidence

High

EPSS

0.001

Percentile

20.8%