CVE-2015-8340

Published: 17 December 2015

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handling.

Priority

Medium

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.6.0-1ubuntu2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.4])
Patches:
Upstream: http://xenbits.xen.org/xsa/xsa159.patch
Binaries built from this source package are in Universe and so are supported by the community.