CVE-2015-2151

HIGH

Description

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.

ID	Name	Product	Family	Severity
140019	OracleVM 3.4 : xen (OVMSA-2020-0039) (Bunker Buster) (Foreshadow) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (Meltdown) (POODLE) (Spectre)	Nessus	OracleVM Local Security Checks	critical
111992	OracleVM 3.4 : xen (OVMSA-2018-0248) (Bunker Buster) (Foreshadow) (Meltdown) (POODLE) (Spectre)	Nessus	OracleVM Local Security Checks	critical
90380	GLSA-201604-03 : Xen: Multiple vulnerabilities (Venom)	Nessus	Gentoo Local Security Checks	high
89968	CentOS 5 : kernel (CESA-2016:0450)	Nessus	CentOS Local Security Checks	high
89957	Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20160315)	Nessus	Scientific Linux Local Security Checks	high
89956	RHEL 5 : kernel (RHSA-2016:0450)	Nessus	Red Hat Local Security Checks	high
89953	Oracle Linux 5 : kernel (ELSA-2016-0450)	Nessus	Oracle Linux Local Security Checks	high
84708	FreeBSD : xen-kernel -- Hypervisor memory corruption due to x86 emulator flaw (83a28417-27e3-11e5-a4a5-002590263bf5)	Nessus	FreeBSD Local Security Checks	high
84333	openSUSE Security Update : xen (openSUSE-2015-434) (Venom)	Nessus	SuSE Local Security Checks	high
84140	OracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)	Nessus	OracleVM Local Security Checks	high
83720	SUSE SLED11 / SLES11 Security Update : Xen (SUSE-SU-2015:0747-1)	Nessus	SuSE Local Security Checks	high
83719	SUSE SLES11 Security Update : Xen (SUSE-SU-2015:0746-1)	Nessus	SuSE Local Security Checks	high
83718	SUSE SLES11 Security Update : Xen (SUSE-SU-2015:0745-1)	Nessus	SuSE Local Security Checks	high
83717	SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)	Nessus	SuSE Local Security Checks	high
83707	SUSE SLED12 / SLES12 Security Update : Xen (SUSE-SU-2015:0613-1)	Nessus	SuSE Local Security Checks	high
82990	SuSE 11.3 Security Update : Xen (SAT Patch Number 10560)	Nessus	SuSE Local Security Checks	high
82907	openSUSE Security Update : xen (openSUSE-2015-314)	Nessus	SuSE Local Security Checks	high
82054	Fedora 21 : xen-4.4.1-16.fc21 (2015-3944)	Nessus	Fedora Local Security Checks	high
82051	Fedora 20 : xen-4.3.3-12.fc20 (2015-3721)	Nessus	Fedora Local Security Checks	high
81987	Fedora 22 : xen-4.5.0-6.fc22 (2015-3935)	Nessus	Fedora Local Security Checks	high
81874	OracleVM 2.2 : xen (OVMSA-2015-0035)	Nessus	OracleVM Local Security Checks	high
81768	OracleVM 3.2 : xen (OVMSA-2015-0032)	Nessus	OracleVM Local Security Checks	high
81767	OracleVM 3.3 : xen (OVMSA-2015-0031)	Nessus	OracleVM Local Security Checks	high
81748	Debian DSA-3181-1 : xen - security update	Nessus	Debian Local Security Checks	high

CVE-2015-2151

Description

References

Details

Risk Information

CVSS v2.0