Lucene search

K
cveMitreCVE-2015-7812
HistoryNov 17, 2015 - 3:59 p.m.

CVE-2015-7812

2015-11-1715:59:14
CWE-254
mitre
web.nvd.nist.gov
53
cve-2015-7812
xen
hypercall
denial of service
vulnerability
nvd

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

26.7%

The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.

Affected configurations

Nvd
Node
xenxenMatch4.4.0
OR
xenxenMatch4.4.1-
OR
xenxenMatch4.4.2
OR
xenxenMatch4.4.3
OR
xenxenMatch4.5.0
OR
xenxenMatch4.5.1
OR
xenxenMatch4.5.2
OR
xenxenMatch4.6.0
VendorProductVersionCPE
xenxen4.4.0cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*
xenxen4.4.1cpe:2.3:o:xen:xen:4.4.1:-:*:*:*:*:*:*
xenxen4.4.2cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*
xenxen4.4.3cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*
xenxen4.5.0cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*
xenxen4.5.1cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*
xenxen4.5.2cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*
xenxen4.6.0cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

26.7%