[email protected]CVE-2015-7970

HistoryOct 30, 2015 - 3:59 p.m.

CVE-2015-7970

2015-10-3015:59:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2015-7970

xen

denial of service

cpu consumption

memory contents

nvd

7.9 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.1%

JSON

The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a “time-consuming linear scan,” related to Populate-on-Demand.

CPENameOperatorVersion
xen:xenxeneq3.4.0
xen:xenxeneq3.4.4
xen:xenxeneq3.4.3
xen:xenxeneq3.4.2
xen:xenxeneq3.4.1

CPE	Name	Operator	Version
xen:xen	xen	eq	3.4.0
xen:xen	xen	eq	3.4.4
xen:xen	xen	eq	3.4.3
xen:xen	xen	eq	3.4.2
xen:xen	xen	eq	3.4.1

References

lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html

lists.opensuse.org/opensuse-updates/2015-12/msg00053.html

support.citrix.com/article/CTX202404

www.debian.org/security/2015/dsa-3414

www.securityfocus.com/bid/77362

www.securitytracker.com/id/1034034

xenbits.xen.org/xsa/advisory-150.html

security.gentoo.org/glsa/201604-03

7.9 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.1%

JSON

Related for CVE-2015-7970

nessus16 prion1 ubuntucve1 freebsd1 xen1 cvelist1 debiancve1 openvas13 fedora3 debian2 suse1 osv1 mageia1 gentoo1