Lucene search

PRIOn knowledge basePRION:CVE-2015-7812

HistoryNov 17, 2015 - 3:59 p.m.

Design/Logic Flaw

2015-11-1715:59:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

24.7%

JSON

The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.

CPENameOperatorVersion
xeneq4.6.0
xeneq4.5.2
xeneq4.4.2
xeneq4.4.3
xeneq4.4.1
xeneq4.5.1
xeneq4.5.0
xeneq4.4.0

Name	Operator	Version
xen	eq	4.6.0
xen	eq	4.5.2
xen	eq	4.4.2
xen	eq	4.4.3
xen	eq	4.4.1
xen	eq	4.5.1
xen	eq	4.5.0
xen	eq	4.4.0

References

www.debian.org/security/2015/dsa-3414

www.securitytracker.com/id/1034031

xenbits.xen.org/xsa/advisory-145.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html

security.gentoo.org/glsa/201604-03

6.5 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

24.7%

JSON

Related for PRION:CVE-2015-7812