CVE-2015-2151 : The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment ove

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.

Published 2015-03-12 14:59:04

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory CorruptionExecute codeDenial of service

Products affected by CVE-2015-2151

Debian » Debian Linux » Version: 7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.2.1
cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.3.2
cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.4.1
cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.2.2
cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.2.3
cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.3.0
cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.3.1
cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.4.3
cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.4.4
cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.0.0
cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.2.0
cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.4.0
cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 3.4.2
cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.0.4
cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.0
cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.0.2
cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.0.3
cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.1
cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.0.1
cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.2.0
cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.2
cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.3
cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.4
cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.2.1
cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.2.2
cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.5
cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.2.3
cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.3.0
cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.3.1
cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.1.6.1
cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.4.0 Update RC1
cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.4.0
cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.4.1
cpe:2.3:o:xen:xen:4.4.1:-:*:*:*:*:*:*
Matching versions
XEN » XEN » Version: 4.5.0
cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 20
cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 21
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 22
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-2151

EPSS FAQ

0.23%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 46 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-2151

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2015-2151

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-2151

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm

Security Advisory - Xen Vulnerabilities on Huawei FusionSphere products

CVEs referencing this url
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

Juniper Networks - 2016-10 Security Bulletin: CTPView: Multiple vulnerabilities in CTPView

CVEs referencing this url
http://www.securitytracker.com/id/1031903

Xen x86 Emulator Flaw Lets Local Users Obtain Sensitive Information and Cause Denial of Service Conditions - SecurityTracker
Third Party Advisory;VDB Entry
http://support.citrix.com/article/CTX200484

Citrix XenServer Multiple Security Updates

CVEs referencing this url
http://xenbits.xen.org/xsa/advisory-123.html

XSA-123 - Xen Security Advisories
Patch;Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html

[SECURITY] Fedora 21 Update: xen-4.4.1-16.fc21
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html

[security-announce] openSUSE-SU-2015:0732-1: important: Security update

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Oracle Linux Bulletin - January 2016

CVEs referencing this url
https://security.gentoo.org/glsa/201604-03

Xen: Multiple vulnerabilities (GLSA 201604-03) — Gentoo security

CVEs referencing this url
http://www.securitytracker.com/id/1031806

Xen Multiple Flaws Let Local Guest Users Deny Service or Obtain Information From Other Guest Systems - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html

[SECURITY] Fedora 22 Update: xen-4.5.0-6.fc22
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/73015

Xen CVE-2015-2151 Memory Corruption Vulnerability
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html

[SECURITY] Fedora 20 Update: xen-4.3.3-12.fc20
Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2015/dsa-3181

Debian -- Security Information -- DSA-3181-1 xen
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2015-2151

Products affected by CVE-2015-2151

Exploit prediction scoring system (EPSS) score for CVE-2015-2151

CVSS scores for CVE-2015-2151

CWE ids for CVE-2015-2151

References for CVE-2015-2151