Lucene search
MitreCVE-2015-8341HistoryDec 17, 2015 - 7:59 p.m.
CVE-2015-8341
2015-12-1719:59:09
CWE-399
mitre
web.nvd.nist.gov
48
cve-2015-8341
xen
libxl toolstack library
denial of service
memory consumption
disk consumption
nvd
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
8.1
Confidence
High
EPSS
0.004
Percentile
73.2%
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains.
Affected configurations
Node
xenxenMatch4.1.0
ORxenxenMatch4.1.1
ORxenxenMatch4.1.2
ORxenxenMatch4.1.3
ORxenxenMatch4.1.4
ORxenxenMatch4.1.5
ORxenxenMatch4.1.6
ORxenxenMatch4.1.6.1
ORxenxenMatch4.2.0
ORxenxenMatch4.2.1
ORxenxenMatch4.2.2
ORxenxenMatch4.2.3
ORxenxenMatch4.2.4
ORxenxenMatch4.2.5
ORxenxenMatch4.3.0
ORxenxenMatch4.3.1
ORxenxenMatch4.3.2
ORxenxenMatch4.3.3
ORxenxenMatch4.3.4
ORxenxenMatch4.4.0
ORxenxenMatch4.4.1
ORxenxenMatch4.4.2
ORxenxenMatch4.4.3
ORxenxenMatch4.5.0
ORxenxenMatch4.5.1
ORxenxenMatch4.5.2
ORxenxenMatch4.6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| xen | xen | 4.1.0 | cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:* |
| xen | xen | 4.1.1 | cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:* |
| xen | xen | 4.1.2 | cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:* |
| xen | xen | 4.1.3 | cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:* |
| xen | xen | 4.1.4 | cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:* |
| xen | xen | 4.1.5 | cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:* |
| xen | xen | 4.1.6 | cpe:2.3:o:xen:xen:4.1.6:*:*:*:*:*:*:* |
| xen | xen | 4.1.6.1 | cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:* |
| xen | xen | 4.2.0 | cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:* |
| xen | xen | 4.2.1 | cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:* |
Related
nessus
nessus
FreeBSD : xen-tools -- libxl leak of pv kernel and initrd on error (5d1d4473-b40d-11e5-9728-002590263bf5)
2016-01-06 00:00:00
Fedora 22 : xen-4.5.2-5.fc22 (2015-08e4af5a20)
2016-03-04 00:00:00
Fedora 23 : xen-4.5.2-5.fc23 (2015-12a089920e)
2016-03-04 00:00:00
ubuntucve
ubuntucve
CVE-2015-8341
2015-12-17 00:00:00
cvelist
cvelist
CVE-2015-8341
2015-12-17 19:00:00
xen
xen
libxl leak of pv kernel and initrd on error
2015-12-08 11:29:00
prion
prion
Design/Logic Flaw
2015-12-17 19:59:00
freebsd
freebsd
xen-tools -- libxl leak of pv kernel and initrd on error
2015-12-08 00:00:00
debiancve
debiancve
CVE-2015-8341
2015-12-17 19:59:09
nvd
nvd
CVE-2015-8341
2015-12-17 19:59:09
fedora
fedora
[SECURITY] Fedora 23 Update: xen-4.5.2-5.fc23
2015-12-17 07:40:46
[SECURITY] Fedora 22 Update: xen-4.5.2-5.fc22
2015-12-20 00:24:12
openvas
openvas
Fedora Update for xen FEDORA-2015-08
2015-12-20 00:00:00
Debian: Security Advisory (DSA-3519-1)
2016-03-16 00:00:00
Debian Security Advisory DSA 3519-1 (xen - security update)
2016-03-17 00:00:00
debian
debian
[SECURITY] [DSA 3519-1] xen security update
2016-03-17 21:52:03
suse
suse
Security update for xen (important)
2016-01-14 22:13:24
Security update for xen (important)
2016-01-14 22:16:01
Security update for xen (important)
2016-01-14 22:19:10
gentoo
gentoo
Xen: Multiple vulnerabilities
2016-04-05 00:00:00
osv
osv
xen-4.7.0_12-1.3 on GA media
2024-06-15 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
8.1
Confidence
High
EPSS
0.004
Percentile
73.2%
Related for CVE-2015-8341