Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-2150

Опубликовано: 10 мар. 2015
Источник: redhat
CVSS2: 5.2
EPSS Низкий

Описание

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

Отчет

This issue does affect the Dom0 Xen kernel as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1196266xen: non-maskable interrupts triggerable by guests (xsa120)

EPSS

Процентиль: 30%
0.00109
Низкий

5.2 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-2150

ubuntu
больше 10 лет назад

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

nvd логотип

CVE-2015-2150

nvd
больше 10 лет назад

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

debian логотип

CVE-2015-2150

debian
больше 10 лет назад

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not pro ...

github логотип

GHSA-w7jv-fgrf-v497

github
около 3 лет назад

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

suse-cvrf логотип

SUSE-SU-2015:0658-1

suse-cvrf
около 10 лет назад

Security Update for Linux Kernel

EPSS

Процентиль: 30%
0.00109
Низкий

5.2 Medium

CVSS2