5.5 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:S/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
26.7%
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not
properly check the return value from the IRQ setup check, which allows
local HVM guest administrators to cause a denial of service (NULL pointer
dereference and crash) via unspecified vectors.