Lucene search

K

[email protected]CVE-2015-7812

HistoryNov 17, 2015 - 3:59 p.m.

CVE-2015-7812

2015-11-1715:59:00

CWE-254

[email protected]

web.nvd.nist.gov

43

cve-2015-7812

xen

hypercall

denial of service

vulnerability

nvd

8.1 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.0%

The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.

CPENameOperatorVersion
xen:xenxeneq4.6.0
xen:xenxeneq4.5.2
xen:xenxeneq4.4.2
xen:xenxeneq4.4.3
xen:xenxeneq4.4.1
xen:xenxeneq4.5.1
xen:xenxeneq4.5.0
xen:xenxeneq4.4.0

References

lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html

www.debian.org/security/2015/dsa-3414

www.securitytracker.com/id/1034031

xenbits.xen.org/xsa/advisory-145.html

security.gentoo.org/glsa/201604-03

8.1 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.0%

Related for CVE-2015-7812

prion1 xen1 debiancve1 ubuntucve1 nessus7 fedora3 openvas6 debian1 mageia1 gentoo1