CVE-2015-2756

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154574.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154579.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155198.html

http://lists.nongnu.org/archive/html/qemu-devel/2015-03/msg06179.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html

http://support.citrix.com/article/CTX201145

http://www.debian.org/security/2015/dsa-3259

http://www.securityfocus.com/bid/72577

http://www.securitytracker.com/id/1031998

http://www.ubuntu.com/usn/USN-2608-1

http://xenbits.xen.org/xsa/advisory-126.html

https://security.gentoo.org/glsa/201504-04

https://support.citrix.com/article/CTX206006

Details

Source: MITRE

Published: 2015-04-01

Updated: 2018-10-30

Type: CWE-264

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
91198Debian DLA-479-1 : xen security updateNessusDebian Local Security Checks
high
88737OracleVM 2.2 : xen (OVMSA-2016-0012)NessusOracleVM Local Security Checks
high
84705FreeBSD : xen-tools -- Unmediated PCI command register access in qemu (79f401cd-27e6-11e5-a4a5-002590263bf5)NessusFreeBSD Local Security Checks
medium
84333openSUSE Security Update : xen (openSUSE-2015-434) (Venom)NessusSuSE Local Security Checks
high
84140OracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)NessusOracleVM Local Security Checks
low
83720SUSE SLED11 / SLES11 Security Update : Xen (SUSE-SU-2015:0747-1)NessusSuSE Local Security Checks
high
83719SUSE SLES11 Security Update : Xen (SUSE-SU-2015:0746-1)NessusSuSE Local Security Checks
high
83718SUSE SLES11 Security Update : Xen (SUSE-SU-2015:0745-1)NessusSuSE Local Security Checks
high
83714SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:0701-1)NessusSuSE Local Security Checks
high
83483OracleVM 3.2 : xen (OVMSA-2015-0058) (Venom)NessusOracleVM Local Security Checks
high
83482OracleVM 3.3 : xen (OVMSA-2015-0057) (Venom)NessusOracleVM Local Security Checks
high
83435Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : qemu, qemu-kvm vulnerabilities (USN-2608-1) (Venom)NessusUbuntu Local Security Checks
high
83422Debian DSA-3259-1 : qemu - security update (Venom)NessusDebian Local Security Checks
high
82990SuSE 11.3 Security Update : Xen (SAT Patch Number 10560)NessusSuSE Local Security Checks
high
82952Fedora 22 : xen-4.5.0-7.fc22 (2015-5295)NessusFedora Local Security Checks
high
82907openSUSE Security Update : xen (openSUSE-2015-314)NessusSuSE Local Security Checks
high
82734GLSA-201504-04 : Xen: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
82730Fedora 20 : xen-4.3.4-2.fc20 (2015-5402)NessusFedora Local Security Checks
high
82729Fedora 21 : xen-4.4.2-2.fc21 (2015-5208)NessusFedora Local Security Checks
high