CVE-2015-8615

Published: 08 January 2016

The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ).

Priority

Medium

CVSS 3 base score: 5.0

Status

Package Release Status
xen
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.6.0-1ubuntu4)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)
Binaries built from this source package are in Universe and so are supported by the community.