Lucene search

PRIOn knowledge basePRION:CVE-2015-7813

HistoryOct 30, 2015 - 3:59 p.m.

Design/Logic Flaw

2015-10-3015:59:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

24.7%

JSON

Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of (1) HYPERVISOR_physdev_op hypercalls, which are not properly handled in the do_physdev_op function in arch/arm/physdev.c, or (2) HYPERVISOR_hvm_op hypercalls, which are not properly handled in the do_hvm_op function in arch/arm/hvm.c.

CPENameOperatorVersion
xeneq4.6.0
xeneq4.4.0 rc1
xeneq4.4.1
xeneq4.5.1
xeneq4.5.0
xeneq4.4.0

Name	Operator	Version
xen	eq	4.6.0
xen	eq	4.4.0 rc1
xen	eq	4.4.1
xen	eq	4.5.1
xen	eq	4.5.0
xen	eq	4.4.0

References

www.debian.org/security/2015/dsa-3414

www.securitytracker.com/id/1034029

xenbits.xen.org/xsa/advisory-146.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html

security.gentoo.org/glsa/201604-03

6.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

24.7%

JSON

Related for PRION:CVE-2015-7813