XenSource Xen 4.4/4.5 hypercalls HYPERCALL_xenoprof_op/HYPERVISOR_xenpmu_op data processing
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 3.5 | $0-$5k | 0.00 |
A vulnerability, which was classified as problematic, was found in XenSource Xen 4.4/4.5 (Virtualization Software). Affected is the function HYPERCALL_xenoprof_op/HYPERVISOR_xenpmu_op of the component hypercalls Handler. The manipulation with an unknown input leads to a data processing vulnerability. CWE is classifying the issue as CWE-19. This is going to have an impact on availability.
The weakness was published 10/29/2015 by Jan Beulich with SuSE as XSA-152 as confirmed security advisory (Website). The advisory is shared for download at xenbits.xen.org. This vulnerability is traded as CVE-2015-7971 since 10/23/2015. The exploitability is told to be easy. The attack needs to be approached locally. The exploitation doesn't require any form of authentication. There are known technical details, but no exploit is available.
The vulnerability scanner Nessus provides a plugin with the ID 86841 , which helps to determine the existence of the flaw in a target environment. The commercial vulnerability scanner Qualys is able to test this issue with plugin 370027 (Citrix XenServer Security Update (CTX202404)).
Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (107670) and Tenable (86841). Similar entries are available at 78957, 78959 and 78963.
Product
Type
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 4.0VulDB Meta Temp Score: 3.5
VulDB Base Score: 4.0
VulDB Temp Score: 3.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Data processingCWE: CWE-19
ATT&CK: Unknown
Local: Yes
Remote: No
Availability: 🔍
Status: Unproven
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Nessus ID: 86841
Nessus File: 🔍
Nessus Risk: 🔍
OpenVAS ID: 703414
OpenVAS Name: Debian Security Advisory DSA 3414-1 (xen - security update)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Timeline
10/23/2015 🔍10/29/2015 🔍
10/29/2015 🔍
10/29/2015 🔍
10/29/2015 🔍
10/30/2015 🔍
10/30/2015 🔍
10/30/2015 🔍
06/25/2022 🔍
Sources
Vendor: citrix.comAdvisory: XSA-152
Researcher: Jan Beulich
Organization: SuSE
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2015-7971 (🔍)
OVAL: 🔍
X-Force: 107670 - Xen hypercalls denial of service
SecurityTracker: 1034035
Vulnerability Center: 54044 - Xen Remote DoS Vulnerability due to a Failure to Handle Exceptional Conditions via Hypervisor Console, Medium
SecurityFocus: 77363 - Xen CVE-2015-7971 Denial of Service Vulnerability
See also: 🔍
Entry
Created: 10/30/2015 09:39Updated: 06/25/2022 14:33
Changes: 10/30/2015 09:39 (71), 03/02/2018 09:36 (6), 06/25/2022 14:31 (4), 06/25/2022 14:33 (1)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.