7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
23.9%
Xen 4.6.x and earlier does not properly enforce limits on page order inputs
for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3)
XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations,
which allows ARM guest OS administrators to cause a denial of service (CPU
consumption, guest reboot, or watchdog timeout and host reboot) and
possibly have unspecified other impact via unknown vectors.