4.9

CVE-2015-2150

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
UbuntuUbuntu Version12.04 Editionlts
XenXen Version3.3.0
XenXen Version3.3.1
XenXen Version3.3.2
XenXen Version3.4.0
XenXen Version3.4.1
XenXen Version3.4.2
XenXen Version3.4.3
XenXen Version3.4.4
XenXen Version4.0.0
XenXen Version4.0.1
XenXen Version4.0.2
XenXen Version4.0.3
XenXen Version4.0.4
XenXen Version4.1.0
XenXen Version4.1.1
XenXen Version4.1.2
XenXen Version4.1.3
XenXen Version4.1.4
XenXen Version4.1.5
XenXen Version4.1.6.1
XenXen Version4.2.0
XenXen Version4.2.1
XenXen Version4.2.2
XenXen Version4.2.3
XenXen Version4.3.0
XenXen Version4.3.1
XenXen Version4.4.0
XenXen Version4.4.0 Updaterc1
XenXen Version4.4.1 Update-
XenXen Version4.5.0
LinuxLinux Kernel Version <= 3.19.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.53% 0.407
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
http://www.securitytracker.com/id/1031806
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=af6fc858a35b90e89ea7a7ee58e66628c55c776b
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
http://www.debian.org/security/2015/dsa-3237
http://www.securityfocus.com/bid/73014
http://www.securitytracker.com/id/1031902
http://www.ubuntu.com/usn/USN-2631-1
http://www.ubuntu.com/usn/USN-2632-1
http://xenbits.xen.org/xsa/advisory-120.html
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1196266
https://github.com/torvalds/linux/commit/af6fc858a35b90e89ea7a7ee58e66628c55c776b
https://seclists.org/bugtraq/2019/Aug/18