CVE-2015-8552 in Xeninfo

Summary

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

12/14/2015

Disclosure

04/13/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
79854	XenSource Xen XEN_PCI_OP_enable_msi WARN input validation	20	Unproven	Official fix	CVE-2015-8552

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!