Lucene search

MitreCVE-2015-7814

HistoryOct 30, 2015 - 3:59 p.m.

CVE-2015-7814

2015-10-3015:59:03

CWE-119

CWE-362

mitre

web.nvd.nist.gov

xen

security

race condition

denial of service

cve-2015-7814

nvd

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.001

Percentile

26.7%

JSON

Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service (host crash) via vectors involving the destruction of a domain and using XENMEM_decrease_reservation to reduce the memory of the domain.

Affected configurations

Nvd

Node

xenxenRange≤4.6.0

VendorProductVersionCPE
xenxen*cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
xen	xen	*	cpe:2.3:o:xen:xen::::::::

References

lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html

lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html

www.debian.org/security/2015/dsa-3414

www.securitytracker.com/id/1034030

xenbits.xen.org/xsa/advisory-147.html

security.gentoo.org/glsa/201604-03

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.001

Percentile

26.7%

JSON

Related for CVE-2015-7814