CVE Vulnerabilities

CVE-2015-7970

Published: Oct 30, 2015 | Modified: Jul 01, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a time-consuming linear scan, related to Populate-on-Demand.

Affected Software

Name Vendor Start Version End Version
Xen Xen 3.4.0 (including) 3.4.0 (including)
Xen Xen 3.4.1 (including) 3.4.1 (including)
Xen Xen 3.4.2 (including) 3.4.2 (including)
Xen Xen 3.4.3 (including) 3.4.3 (including)
Xen Xen 3.4.4 (including) 3.4.4 (including)
Xen Ubuntu devel *
Xen Ubuntu precise *
Xen Ubuntu trusty *
Xen Ubuntu vivid *
Xen Ubuntu wily *

References