The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:M/Au:N/C:N/I:N/A:C
Vendors Products
Suse
  • Linux Enterprise Software Development Kit
  • Linux Enterprise Desktop
  • Linux Enterprise Server
  • Linux Enterprise Real Time Extension
  • Linux Enterprise Workstation Extension
Debian
  • Debian Linux
Opensuse
  • Opensuse
Linux
  • Linux Kernel

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html Mailing List Third Party Advisory
http://www.debian.org/security/2016/dsa-3434 Third Party Advisory
http://www.securityfocus.com/bid/79546 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034480 Third Party Advisory VDB Entry
http://xenbits.xen.org/xsa/advisory-157.html Vendor Advisory
https://security.gentoo.org/glsa/201604-03 Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-04-13T15:00:00

Updated: 2017-11-03T18:57:01

Reserved: 2015-12-14T00:00:00

Link: CVE-2015-8551

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2016-04-13T15:59:05.257

Modified: 2020-08-26T13:53:53.513

Link: CVE-2015-8551

JSON object: View

cve-icon Redhat Information

No data.

CWE