CVE-2015-7969

Publication date 30 October 2015

Last updated 24 July 2024

Ubuntu priority

Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
xen	15.10 wily	Fixed 4.5.1-0ubuntu1.1
	15.04 vivid	Fixed 4.5.0-1ubuntu4.3
	14.04 LTS trusty	Fixed 4.4.2-0ubuntu0.14.04.3
	12.04 LTS precise	Fixed 4.1.6.1-0ubuntu0.12.04.7

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://xenbits.xen.org/xsa/advisory-149.html
http://xenbits.xen.org/xsa/advisory-151.html
https://www.cve.org/CVERecord?id=CVE-2015-7969