7.2

CVE-2015-2151

EPSS 0.24%
Published 12.03.2015 14:59:03
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 0 References 17

Data is provided by the National Vulnerability Database (NVD)

Fedoraproject ≫ Fedora Version20

Fedoraproject ≫ Fedora Version21

Fedoraproject ≫ Fedora Version22

Debian ≫ Debian Linux Version7.0

Xen ≫ Xen Version3.2.0

Xen ≫ Xen Version3.2.1

Xen ≫ Xen Version3.2.2

Xen ≫ Xen Version3.2.3

Xen ≫ Xen Version3.3.0

Xen ≫ Xen Version3.3.1

Xen ≫ Xen Version3.3.2

Xen ≫ Xen Version3.4.0

Xen ≫ Xen Version3.4.1

Xen ≫ Xen Version3.4.2

Xen ≫ Xen Version3.4.3

Xen ≫ Xen Version3.4.4

Xen ≫ Xen Version4.0.0

Xen ≫ Xen Version4.0.1

Xen ≫ Xen Version4.0.2

Xen ≫ Xen Version4.0.3

Xen ≫ Xen Version4.0.4

Xen ≫ Xen Version4.1.0

Xen ≫ Xen Version4.1.1

Xen ≫ Xen Version4.1.2

Xen ≫ Xen Version4.1.3

Xen ≫ Xen Version4.1.4

Xen ≫ Xen Version4.1.5

Xen ≫ Xen Version4.1.6.1

Xen ≫ Xen Version4.2.0

Xen ≫ Xen Version4.2.1

Xen ≫ Xen Version4.2.2

Xen ≫ Xen Version4.2.3

Xen ≫ Xen Version4.3.0

Xen ≫ Xen Version4.3.1

Xen ≫ Xen Version4.4.0

Xen ≫ Xen Version4.4.0 Updaterc1

Xen ≫ Xen Version4.4.1 Update-

Xen ≫ Xen Version4.5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.24%	0.464

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

https://security.gentoo.org/glsa/201604-03

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html

Third Party Advisory

http://support.citrix.com/article/CTX200484

http://www.debian.org/security/2015/dsa-3181

Third Party Advisory

http://www.securitytracker.com/id/1031806

Third Party Advisory

VDB Entry

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm

http://www.securityfocus.com/bid/73015

http://www.securitytracker.com/id/1031903

Third Party Advisory

VDB Entry

http://xenbits.xen.org/xsa/advisory-123.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-2151

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2151

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2151

EUVD