Lucene search
HistoryDec 17, 2015 - 7:59 p.m.
CVE-2015-8339
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.8%
The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
Affected configurations
Node
xenxenMatch3.2.0
ORxenxenMatch3.2.1
ORxenxenMatch3.2.2
ORxenxenMatch3.2.3
ORxenxenMatch3.3.0
ORxenxenMatch3.3.1
ORxenxenMatch3.3.2
ORxenxenMatch3.4.0
ORxenxenMatch3.4.1
ORxenxenMatch3.4.2
ORxenxenMatch3.4.3
ORxenxenMatch3.4.4
ORxenxenMatch4.0.0
ORxenxenMatch4.0.1
ORxenxenMatch4.0.2
ORxenxenMatch4.0.3
ORxenxenMatch4.0.4
ORxenxenMatch4.1.0
ORxenxenMatch4.1.1
ORxenxenMatch4.1.2
ORxenxenMatch4.1.3
ORxenxenMatch4.1.4
ORxenxenMatch4.1.5
ORxenxenMatch4.1.6
ORxenxenMatch4.1.6.1
ORxenxenMatch4.2.0
ORxenxenMatch4.2.1
ORxenxenMatch4.2.2
ORxenxenMatch4.2.3
ORxenxenMatch4.2.4
ORxenxenMatch4.2.5
ORxenxenMatch4.3.0
ORxenxenMatch4.3.1
ORxenxenMatch4.3.2
ORxenxenMatch4.3.3
ORxenxenMatch4.3.4
ORxenxenMatch4.4.0
ORxenxenMatch4.4.1
ORxenxenMatch4.4.2
ORxenxenMatch4.4.3
ORxenxenMatch4.5.0
ORxenxenMatch4.5.1
ORxenxenMatch4.5.2
ORxenxenMatch4.6.0
Related
cvelist
cvelist
CVE-2015-8339
2015-12-17 19:00:00
prion
prion
Design/Logic Flaw
2015-12-17 19:59:00
ubuntucve
ubuntucve
CVE-2015-8339
2015-12-17 00:00:00
debiancve
debiancve
CVE-2015-8339
2015-12-17 19:59:07
cve
cve
CVE-2015-8339
2015-12-17 19:59:07
freebsd
freebsd
xen-kernel -- XENMEM_exchange error handling issues
2015-12-08 00:00:00
nessus
nessus
Citrix XenServer Multiple memory_exchange() Hypercall Error Handling DoS (CTX203451)
2015-12-15 00:00:00
FreeBSD : xen-kernel -- XENMEM_exchange error handling issues (bcad3faa-b40c-11e5-9728-002590263bf5)
2016-01-06 00:00:00
OracleVM 3.2 : xen (OVMSA-2016-0008)
2016-01-26 00:00:00
openvas
openvas
Fedora Update for xen FEDORA-2015-08
2015-12-20 00:00:00
Debian Security Advisory DSA 3519-1 (xen - security update)
2016-03-17 00:00:00
xen
xen
XENMEM_exchange error handling issues
2015-12-08 11:29:00
fedora
fedora
[SECURITY] Fedora 23 Update: xen-4.5.2-5.fc23
2015-12-17 07:40:46
[SECURITY] Fedora 22 Update: xen-4.5.2-5.fc22
2015-12-20 00:24:12
debian
debian
[SECURITY] [DSA 3519-1] xen security update
2016-03-17 21:52:03
[SECURITY] [DLA 479-1] xen security update
2016-05-17 23:13:35
suse
suse
Security update for xen (important)
2016-01-14 22:19:10
Security update for Xen (important)
2016-03-04 22:13:56
Security update for xen (important)
2016-01-14 22:13:24
osv
osv
xen - security update
2016-05-17 00:00:00
mageia
mageia
Updated xen packages fix security vulnerabilities
2016-03-07 14:20:30
gentoo
gentoo
Xen: Multiple vulnerabilities
2016-04-05 00:00:00
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.8%
Related for NVD:CVE-2015-8339