CVE-2015-4104

Xen 3.3.x-4.5.x - Denial of Service via PCI MSI Mask Bits

Title source: llm
STIX 2.1

Description

Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.

References (16)

Core 16
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2630-1
Vendor Advisory x_refsource_confirm
https://support.citrix.com/article/CTX206006
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3286
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032464
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3284
Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX201145
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201604-03
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/74950
Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-129.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html

Scores

EPSS 0.0843
EPSS Percentile 92.4%

Details

CWE
CWE-264
Status published
Products (31)
xen/xen 3.3.0
xen/xen 3.3.1
xen/xen 3.3.2
xen/xen 3.4.0
xen/xen 3.4.1
xen/xen 3.4.2
xen/xen 3.4.3
xen/xen 3.4.4
xen/xen 4.0.0
xen/xen 4.0.1
... and 21 more
Published Jun 03, 2015
Tracked Since Feb 18, 2026