5.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:P/I:P/A:C
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.6%
Xen, when used on a system providing PV backends, allows local guest OS
administrators to cause a denial of service (host OS crash) or gain
privileges by writing to memory shared between the frontend and backend,
aka a double fetch vulnerability.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 12.04 | noarch | linux | < 3.2.0-97.137 | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < 3.13.0-74.118 | UNKNOWN |
ubuntu | 15.04 | noarch | linux | < 3.19.0-42.48 | UNKNOWN |
ubuntu | 15.10 | noarch | linux | < 4.2.0-22.27 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | < 3.2.0-1661.85 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-trusty | < 3.13.0-74.118~precise1 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-lts-utopic | < 3.16.0-57.77~14.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-lts-vivid | < 3.19.0-42.48~14.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-lts-wily | < 4.2.0-22.27~14.04.1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-ti-omap4 | < 3.2.0-1476.99 | UNKNOWN |
xenbits.xen.org/xsa/advisory-155.html
launchpad.net/bugs/cve/CVE-2015-8550
nvd.nist.gov/vuln/detail/CVE-2015-8550
security-tracker.debian.org/tracker/CVE-2015-8550
ubuntu.com/security/notices/USN-2846-1
ubuntu.com/security/notices/USN-2847-1
ubuntu.com/security/notices/USN-2848-1
ubuntu.com/security/notices/USN-2849-1
ubuntu.com/security/notices/USN-2850-1
ubuntu.com/security/notices/USN-2851-1
ubuntu.com/security/notices/USN-2853-1
ubuntu.com/security/notices/USN-2854-1
ubuntu.com/security/notices/USN-2886-2
ubuntu.com/security/notices/USN-2891-1
www.cve.org/CVERecord?id=CVE-2015-8550
5.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:P/I:P/A:C
8.2 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.6%