The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Opensuse
  • Opensuse
Suse
  • Linux Enterprise Desktop
  • Linux Enterprise Real Time Extension
  • Linux Enterprise Server
  • Linux Enterprise Software Development Kit
  • Linux Enterprise Workstation Extension

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*

No data.

References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html cve-icon cve-icon
http://www.debian.org/security/2016/dsa-3434 cve-icon cve-icon
http://www.securityfocus.com/bid/79546 cve-icon cve-icon
http://www.securitytracker.com/id/1034480 cve-icon cve-icon
http://xenbits.xen.org/xsa/advisory-157.html cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2015-8551 cve-icon
https://security.gentoo.org/glsa/201604-03 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2015-8551 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2016-04-13T15:00:00

Updated: 2024-08-06T08:20:43.119Z

Reserved: 2015-12-14T00:00:00

Link: CVE-2015-8551

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2016-04-13T15:59:05.257

Modified: 2020-08-26T13:53:53.513

Link: CVE-2015-8551

cve-icon Redhat

Severity : Moderate

Publid Date: 2015-12-17T00:00:00Z

Links: CVE-2015-8551 - Bugzilla