CVE Vulnerabilities

CVE-2015-4103

Published: Jun 03, 2015 | Modified: Nov 15, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
4.3 LOW
AV:A/AC:H/Au:S/C:N/I:N/A:C
RedHat/V3
Ubuntu
MEDIUM

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.

Affected Software

Name Vendor Start Version End Version
Xen Xen 3.3.0 (including) 3.3.0 (including)
Xen Xen 3.3.1 (including) 3.3.1 (including)
Xen Xen 3.3.2 (including) 3.3.2 (including)
Xen Xen 3.4.0 (including) 3.4.0 (including)
Xen Xen 3.4.1 (including) 3.4.1 (including)
Xen Xen 3.4.2 (including) 3.4.2 (including)
Xen Xen 3.4.3 (including) 3.4.3 (including)
Xen Xen 3.4.4 (including) 3.4.4 (including)
Xen Xen 4.0.1 (including) 4.0.1 (including)
Xen Xen 4.0.2 (including) 4.0.2 (including)
Xen Xen 4.0.3 (including) 4.0.3 (including)
Xen Xen 4.0.4 (including) 4.0.4 (including)
Xen Xen 4.1.0 (including) 4.1.0 (including)
Xen Xen 4.1.1 (including) 4.1.1 (including)
Xen Xen 4.1.2 (including) 4.1.2 (including)
Xen Xen 4.1.3 (including) 4.1.3 (including)
Xen Xen 4.1.4 (including) 4.1.4 (including)
Xen Xen 4.1.5 (including) 4.1.5 (including)
Xen Xen 4.1.6.1 (including) 4.1.6.1 (including)
Xen Xen 4.2.0 (including) 4.2.0 (including)
Xen Xen 4.2.1 (including) 4.2.1 (including)
Xen Xen 4.2.2 (including) 4.2.2 (including)
Xen Xen 4.2.3 (including) 4.2.3 (including)
Xen Xen 4.3.0 (including) 4.3.0 (including)
Xen Xen 4.3.1 (including) 4.3.1 (including)
Xen Xen 4.3.2 (including) 4.3.2 (including)
Xen Xen 4.3.4 (including) 4.3.4 (including)
Xen Xen 4.4.0 (including) 4.4.0 (including)
Xen Xen 4.4.1 (including) 4.4.1 (including)
Xen Xen 4.5.0 (including) 4.5.0 (including)
Qemu Ubuntu trusty *
Qemu Ubuntu upstream *
Qemu Ubuntu utopic *
Qemu Ubuntu vivid *
Xen Ubuntu precise *
Xen Ubuntu trusty *
Xen Ubuntu upstream *
Xen Ubuntu utopic *

References