What is CVE-2015-8551?

CVE-2015-8551 is a medium-severity vulnerability in Linux Linux_kernel, classified under NULL Pointer Dereference. CVSS score: 6.0/10. Published 2016-04-13.

How severe is CVE-2015-8551?

Medium severity. CVSS v3 base score is 6.0 out of 10.

Is CVE-2015-8551 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

NULL pointer dereference in Linux Linux_kernel

CVE-2015-8551

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host…

EPSS: 0.001 (22.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H.

Affected products

Linux Linux_kernel
Debian Debian_linux — versions 7.0, 8.0
Opensuse — versions 13.1
Suse Linux_enterprise_desktop — versions 11, 12
Suse Linux_enterprise_real_time_extension — versions 11, 12
Suse Linux_enterprise_server — versions 11, 12
Suse Linux_enterprise_software_development_kit — versions 11, 12
Suse Linux_enterprise_workstation_extension — versions 12
N/a — versions n/a

Weakness classification (CWE)

CWE-476 — NULL Pointer Dereference

Public proof-of-concept exploits

thdusdl1219/CVE-Study

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
1034480 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
openSUSE-SU-2016:2184 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
SUSE-SU-2016:1764 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
SUSE-SU-2016:1102 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
SUSE-SU-2016:1707 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
GLSA-201604-03 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
SUSE-SU-2016:2105 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
DSA-3434 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
79546 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2015-8551?: CVE-2015-8551 is a medium-severity vulnerability in Linux Linux_kernel, classified under NULL Pointer Dereference. CVSS score: 6.0/10. Published 2016-04-13.
How severe is CVE-2015-8551?: Medium severity. CVSS v3 base score is 6.0 out of 10.
Is CVE-2015-8551 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.