CVE-2015-8553

MEDIUM

Xen - Info Disclosure

Title source: llm

Description

Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.

References (3)

Scores

CVSS v3 6.5
EPSS 0.0027
EPSS Percentile 50.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Classification

CWE
CWE-200
Status draft

Affected Products (2)

xen/xen
redhat/enterprise_linux

Timeline

Published Apr 13, 2016
Tracked Since Feb 18, 2026