Back to search
CVE-2015-8338
Published: Dec 17, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
78920
vdb-entry
x_refsource_BID
http://xenbits.xen.org/xsa/advisory-158.html
x_refsource_CONFIRM
1034390
vdb-entry
x_refsource_SECTRACK
DSA-3633
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now