Published: 08/01/2016 Updated: 28/11/2016

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5 | Impact Score: 1.4 | Exploitability Score: 3.1

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ).

Vulnerable Product	Search on Vulmon	Subscribe to Product
xen xen 4.6.0

Debian Bug report logs - #823620 Multiple security issues Package: src:xen; Maintainer for src:xen is Debian Xen Team <pkg-xen-devel@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Fri, 6 May 2016 18:03:02 UTC Severity: grave Tags: security Fixed in versions xen/480~rc3-1, xen/48 ...

The hvm_set_callback_via function in arch/x86/hvm/irqc in Xen 46 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ) ...

CWE-254 http://xenbits.xen.org/xsa/advisory-169.html http://www.securitytracker.com/id/1034512 http://www.securityfocus.com/bid/79644 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823620 https://access.redhat.com/security/cve/cve-2015-8615

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-8615

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect