CVE-2015-4105

Xen 3.3.x-4.5.x - Denial of Service via PCI MSI-X Pass-Through Error Logging

Title source: llm
STIX 2.1

Description

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.

References (16)

Core 16
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2630-1
Vendor Advisory x_refsource_confirm
https://support.citrix.com/article/CTX206006
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3286
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3284
Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX201145
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/74948
Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-130.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032465
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201604-03
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html

Scores

EPSS 0.0012
EPSS Percentile 30.6%

Details

CWE
CWE-399
Status published
Products (30)
xen/xen 3.3.0
xen/xen 3.3.1
xen/xen 3.3.2
xen/xen 3.4.0
xen/xen 3.4.1
xen/xen 3.4.2
xen/xen 3.4.3
xen/xen 3.4.4
xen/xen 4.0.0
xen/xen 4.0.1
... and 20 more
Published Jun 03, 2015
Tracked Since Feb 18, 2026