Vulnerability in Linux Linux_kernel

CVE-2015-2150

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling…

EPSS: 0.001 (28.9th percentile) — read the EPSS interpretation.

Affected products

Linux Linux_kernel
Xen — versions 3.3.0, 3.3.1, 3.3.2
Ubuntu — versions 12.04
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

USN-2631-1 (x_refsource_UBUNTU, vendor-advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)
SUSE-SU-2015:0658 (vendor-advisory, x_refsource_SUSE)
USN-2632-1 (x_refsource_UBUNTU, vendor-advisory)
FEDORA-2015-6100 (x_refsource_FEDORA, vendor-advisory)
FEDORA-2015-6294 (x_refsource_FEDORA, vendor-advisory)
cve@mitre.org (x_refsource_CONFIRM)
SUSE-SU-2015:1611 (vendor-advisory, x_refsource_SUSE)
DSA-3237 (vendor-advisory, x_refsource_DEBIAN)