CVE Vulnerabilities

CVE-2015-7813

Published: Oct 30, 2015 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu

Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of (1) HYPERVISOR_physdev_op hypercalls, which are not properly handled in the do_physdev_op function in arch/arm/physdev.c, or (2) HYPERVISOR_hvm_op hypercalls, which are not properly handled in the do_hvm_op function in arch/arm/hvm.c.

Affected Software

Name Vendor Start Version End Version
Xen Xen 4.4.0 4.4.0
Xen Xen 4.4.0 4.4.0
Xen Xen 4.4.1 4.4.1
Xen Xen 4.5.0 4.5.0
Xen Xen 4.5.1 4.5.1
Xen Xen 4.6.0 4.6.0
Xen Ubuntu devel *
Xen Ubuntu trusty *
Xen Ubuntu vivid *
Xen Ubuntu wily *

References