7.2

CVE-2015-2151

EPSS 0.24%
Veröffentlicht 12.03.2015 14:59:03
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 17

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fedoraproject ≫ Fedora Version20

Fedoraproject ≫ Fedora Version21

Fedoraproject ≫ Fedora Version22

Debian ≫ Debian Linux Version7.0

Xen ≫ Xen Version3.2.0

Xen ≫ Xen Version3.2.1

Xen ≫ Xen Version3.2.2

Xen ≫ Xen Version3.2.3

Xen ≫ Xen Version3.3.0

Xen ≫ Xen Version3.3.1

Xen ≫ Xen Version3.3.2

Xen ≫ Xen Version3.4.0

Xen ≫ Xen Version3.4.1

Xen ≫ Xen Version3.4.2

Xen ≫ Xen Version3.4.3

Xen ≫ Xen Version3.4.4

Xen ≫ Xen Version4.0.0

Xen ≫ Xen Version4.0.1

Xen ≫ Xen Version4.0.2

Xen ≫ Xen Version4.0.3

Xen ≫ Xen Version4.0.4

Xen ≫ Xen Version4.1.0

Xen ≫ Xen Version4.1.1

Xen ≫ Xen Version4.1.2

Xen ≫ Xen Version4.1.3

Xen ≫ Xen Version4.1.4

Xen ≫ Xen Version4.1.5

Xen ≫ Xen Version4.1.6.1

Xen ≫ Xen Version4.2.0

Xen ≫ Xen Version4.2.1

Xen ≫ Xen Version4.2.2

Xen ≫ Xen Version4.2.3

Xen ≫ Xen Version4.3.0

Xen ≫ Xen Version4.3.1

Xen ≫ Xen Version4.4.0

Xen ≫ Xen Version4.4.0 Updaterc1

Xen ≫ Xen Version4.4.1 Update-

Xen ≫ Xen Version4.5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.464

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

https://security.gentoo.org/glsa/201604-03

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html

Third Party Advisory

http://support.citrix.com/article/CTX200484

http://www.debian.org/security/2015/dsa-3181

Third Party Advisory

http://www.securitytracker.com/id/1031806

Third Party Advisory

VDB Entry

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm

http://www.securityfocus.com/bid/73015

http://www.securitytracker.com/id/1031903

Third Party Advisory

VDB Entry

http://xenbits.xen.org/xsa/advisory-123.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-2151

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2151

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2151

EUVD