CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
20.8%
The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x,
4.4.x, and earlier does not limit the number of printk console messages
when reporting a failure to retrieve a reference on a foreign page, which
allows remote domains to cause a denial of service by leveraging
permissions to map the memory of a foreign guest.
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
seth-arnold | Mitigation: “Reducing the hypervisor log level can be used to suppress messages” |