2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
26.7%
HYPERCALL_xenoprof_op and HYPERVISOR_xenpmu_op log some errors and attempts at invalid operations.
These log messages are not rate-limited, even though they can be triggered by guests.
A malicious guest could cause repeated logging to the hypervisor console, leading to a Denial of Service attack.
Xen versions 3.2.x and later are affected. (The VPMU part of the vulnerability is applicable only to Xen 4.6 and later.)
ARM systems are not affected. (The pmu hypercall is x86-specific, and xenoprof is not supported on ARM.)