Vulnerability Details : CVE-2015-7311
libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
Products affected by CVE-2015-7311
- cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.2.1:-:*:*:*:*:x86:*
- cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.4.1:-:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:x86:*
- cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:x86:*
- cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:x86:*
Exploit prediction scoring system (EPSS) score for CVE-2015-7311
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-7311
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.6
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:P |
3.9
|
4.9
|
NIST |
CWE ids for CVE-2015-7311
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-7311
-
http://www.securitytracker.com/id/1033633
Xen libxl Read-Only Access Control Bypass Lets Local Users on a Guest System Write to the Target Disk - SecurityTracker
-
http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html
openSUSE-SU-2015:2250-1: moderate: Security update for xen
-
http://xenbits.xen.org/xsa/advisory-142.html
XSA-142 - Xen Security AdvisoriesVendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1257893
1257893 – Guests on Fedora22 Xen host are able to write to read-only disks with full device emulation type.
-
http://www.securityfocus.com/bid/76823
Xen CVE-2015-7311 Security Bypass Vulnerability
-
http://www.debian.org/security/2015/dsa-3414
Debian -- Security Information -- DSA-3414-1 xen
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html
[SECURITY] Fedora 22 Update: xen-4.5.1-8.fc22
-
https://security.gentoo.org/glsa/201604-03
Xen: Multiple vulnerabilities (GLSA 201604-03) — Gentoo security
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167077.html
[SECURITY] Fedora 23 Update: xen-4.5.1-8.fc23
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html
[SECURITY] Fedora 21 Update: xen-4.4.3-3.fc21
Jump to