CVE-2015-7835

Published: Oct 30, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://support.citrix.com/article/CTX202404

x_refsource_CONFIRM

77366

vdb-entry

x_refsource_BID

FEDORA-2015-242be2c240

vendor-advisory

x_refsource_FEDORA

FEDORA-2015-a931b02be2

vendor-advisory

x_refsource_FEDORA

http://xenbits.xen.org/xsa/advisory-148.html

x_refsource_CONFIRM

openSUSE-SU-2015:2250

vendor-advisory

x_refsource_SUSE

https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-022-2015.txt

x_refsource_MISC

DSA-3390

vendor-advisory

x_refsource_DEBIAN

1034032

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2015:1965

vendor-advisory

x_refsource_SUSE

FEDORA-2015-6f6b79efe2

vendor-advisory

x_refsource_FEDORA

GLSA-201604-03

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-7835

Description

Affected Products

References