CVE Vulnerabilities

CVE-2015-4103

Published: Jun 03, 2015 | Modified: Nov 15, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields.

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.3.2 4.3.2
Xen Xen 4.1.5 4.1.5
Xen Xen 4.2.2 4.2.2
Xen Xen 4.2.3 4.2.3
Xen Xen 3.4.0 3.4.0
Xen Xen 4.3.0 4.3.0
Xen Xen 4.0.4 4.0.4
Xen Xen 4.0.2 4.0.2
Xen Xen 3.3.2 3.3.2
Xen Xen 4.1.2 4.1.2
Xen Xen 3.4.4 3.4.4
Xen Xen 4.1.1 4.1.1
Xen Xen 4.2.0 4.2.0
Xen Xen 4.1.0 4.1.0
Xen Xen 3.4.3 3.4.3
Xen Xen 4.4.1 4.4.1
Xen Xen 4.1.3 4.1.3
Xen Xen 4.1.6.1 4.1.6.1
Xen Xen 4.3.4 4.3.4
Xen Xen 3.3.1 3.3.1
Xen Xen 3.4.2 3.4.2
Xen Xen 4.1.4 4.1.4
Xen Xen 3.4.1 3.4.1
Xen Xen 4.3.1 4.3.1
Xen Xen 3.3.0 3.3.0
Xen Xen 4.2.1 4.2.1
Xen Xen 4.5.0 4.5.0
Xen Xen 4.4.0 4.4.0
Xen Xen 4.0.1 4.0.1
Xen Xen 4.0.3 4.0.3

References