CVE-2015-8551

MEDIUM

Linux Kernel 3.1.x-4.3.x - Denial of Service via PCI Backend Driver NULL Pointer Dereference

Title source: llm
STIX 2.1

Description

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."

References (12)

Core 12
Core References
Vendor Advisory x_refsource_confirm
http://xenbits.xen.org/xsa/advisory-157.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034480
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201604-03
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2016/dsa-3434
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/79546
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html

Scores

CVSS v3 6.0
EPSS 0.0007
EPSS Percentile 21.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Details

CWE
CWE-476
Status published
Products (13)
debian/debian_linux 7.0
debian/debian_linux 8.0
linux/linux_kernel 3.1 - 3.1.10
opensuse/opensuse 13.1
suse/linux_enterprise_desktop 11 sp4
suse/linux_enterprise_desktop 12 sp1
suse/linux_enterprise_real_time_extension 11 sp4
suse/linux_enterprise_real_time_extension 12 sp1
suse/linux_enterprise_server 11 (2 CPE variants)
suse/linux_enterprise_server 12 sp1
... and 3 more
Published Apr 13, 2016
Tracked Since Feb 18, 2026