exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2015-8551

Status Candidate

Overview

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka "Linux pciback missing sanity checks."

Related Files

Debian Security Advisory 3434-1
Posted Jan 5, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3434-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-7513, CVE-2015-7550, CVE-2015-8543, CVE-2015-8550, CVE-2015-8551, CVE-2015-8552, CVE-2015-8569, CVE-2015-8575, CVE-2015-8709
SHA-256 | f1141a8de6449e71f448b35c2f5555c825d9e8cd9ccb92406b4982ef5187cd2b
Ubuntu Security Notice USN-2854-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2854-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | 4560f59cb8a5d18a6cadd565d521fc357f2f31aae4087d2abd4f1b351acf0022
Ubuntu Security Notice USN-2853-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2853-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | 63d4243633188475257f38038140ee8db3ad0e912331c6117e50c2ea9b6e6ec3
Ubuntu Security Notice USN-2851-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2851-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | c3bc75f25e193f65a56c6bde3e9a18bb5184bd7f7287a3922a66b78bdb330a5c
Ubuntu Security Notice USN-2849-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2849-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | a1a98844b4c2a11b68747717adfe49c0ebd896f8f591949ca53e7b528714ec65
Ubuntu Security Notice USN-2850-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2850-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | 8801a20dfe670ed0777b0812cfbdf2656a6759e6e01895b49721cb6f391a893f
Ubuntu Security Notice USN-2848-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2848-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | fc0f72b1e064467de2364cecc6ee0a59b06910e328536901a7907d726cba38d5
Ubuntu Security Notice USN-2847-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2847-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | a7cf252d76724c2696c8b0cb0001b4c7e59cffd0126ac0be2507a723b3d60e50
Ubuntu Security Notice USN-2846-1
Posted Dec 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2846-1 - Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8550, CVE-2015-8551, CVE-2015-8552
SHA-256 | 5e59637211ac669a6fd9f9623acc33991625d2d3212f5382f6bfe4f00e418b6a
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close