Lucene search

[email protected]CVE-2015-7814

HistoryOct 30, 2015 - 3:59 p.m.

CVE-2015-7814

2015-10-3015:59:03

CWE-119

CWE-362

[email protected]

web.nvd.nist.gov

xen

security

race condition

denial of service

cve-2015-7814

nvd

4.7 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON

Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service (host crash) via vectors involving the destruction of a domain and using XENMEM_decrease_reservation to reduce the memory of the domain.

Affected configurations

NVD

Node

xenxenRange≤4.6.0

CPENameOperatorVersion
xen:xenxenle4.6.0

CPE	Name	Operator	Version
xen:xen	xen	le	4.6.0

References

lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html

www.debian.org/security/2015/dsa-3414

www.securitytracker.com/id/1034030

xenbits.xen.org/xsa/advisory-147.html

security.gentoo.org/glsa/201604-03

4.7 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON

Related for CVE-2015-7814

debiancve1 xen1 prion1 nvd1 ubuntucve1 cvelist1 openvas6 nessus7 fedora3 debian1 mageia1 gentoo1