Lucene search

PRIOn knowledge basePRION:CVE-2015-6654

HistorySep 03, 2015 - 2:59 p.m.

Denial of service

2015-09-0314:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

18.4%

JSON

The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest.

CPENameOperatorVersion
xeneq4.5.1
xeneq4.5.0
xeneq4.4.0

Name	Operator	Version
xen	eq	4.5.1
xen	eq	4.5.0
xen	eq	4.4.0

References

www.debian.org/security/2015/dsa-3414

www.securitytracker.com/id/1033438

xenbits.xen.org/xsa/advisory-141.html

7 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

18.4%

JSON

Related for PRION:CVE-2015-6654