Vulnerability Details : CVE-2015-8551
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2015-8551
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-8551
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-8551
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.7
|
MEDIUM | AV:L/AC:M/Au:N/C:N/I:N/A:C |
3.4
|
6.9
|
NIST | |
6.0
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H |
1.5
|
4.0
|
NIST |
CWE ids for CVE-2015-8551
-
The product dereferences a pointer that it expects to be valid but is NULL.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-8551
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
[security-announce] SUSE-SU-2016:0911-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
[security-announce] SUSE-SU-2016:1764-1: important: Security update forMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1034480
Xen MSI Call Processing Bugs Let Local Users on the Guest System Deny Service on the Target Host System - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
[security-announce] SUSE-SU-2016:1102-1: important: Security update forMailing List;Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3434
Debian -- Security Information -- DSA-3434-1 linuxThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html
[security-announce] SUSE-SU-2016:1937-1: important: Security update forMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/79546
Xen Multiple Denial of Service VulnerabilitiesThird Party Advisory;VDB Entry
-
http://xenbits.xen.org/xsa/advisory-157.html
XSA-157 - Xen Security AdvisoriesVendor Advisory
-
https://security.gentoo.org/glsa/201604-03
Xen: Multiple vulnerabilities (GLSA 201604-03) — Gentoo securityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
[security-announce] SUSE-SU-2016:2105-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
[security-announce] SUSE-SU-2016:1707-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
[security-announce] openSUSE-SU-2016:2184-1: important: Security updateMailing List;Third Party Advisory
Jump to