CVE-2015-8339

MEDIUM

Description

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.

ID	Name	Product	Family	Severity
91756	OracleVM 3.2 : xen (OVMSA-2016-0081)	Nessus	OracleVM Local Security Checks	high
91198	Debian DLA-479-1 : xen security update	Nessus	Debian Local Security Checks	medium
90380	GLSA-201604-03 : Xen: Multiple vulnerabilities (Venom)	Nessus	Gentoo Local Security Checks	high
90030	Debian DSA-3519-1 : xen - security update	Nessus	Debian Local Security Checks	high
89723	SUSE SLES10 Security Update : Xen (SUSE-SU-2016:0658-1)	Nessus	SuSE Local Security Checks	high
89151	Fedora 23 : xen-4.5.2-5.fc23 (2015-12a089920e)	Nessus	Fedora Local Security Checks	high
89135	Fedora 22 : xen-4.5.2-5.fc22 (2015-08e4af5a20)	Nessus	Fedora Local Security Checks	high
88171	OracleVM 3.2 : xen (OVMSA-2016-0008)	Nessus	OracleVM Local Security Checks	high
88170	OracleVM 3.3 : xen (OVMSA-2016-0007)	Nessus	OracleVM Local Security Checks	high
88126	openSUSE Security Update : xen (openSUSE-2016-36)	Nessus	SuSE Local Security Checks	high
88125	openSUSE Security Update : xen (openSUSE-2016-35)	Nessus	SuSE Local Security Checks	high
88124	openSUSE Security Update : xen (openSUSE-2016-34)	Nessus	SuSE Local Security Checks	high
87750	FreeBSD : xen-kernel -- XENMEM_exchange error handling issues (bcad3faa-b40c-11e5-9728-002590263bf5)	Nessus	FreeBSD Local Security Checks	medium
87650	SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2338-1)	Nessus	SuSE Local Security Checks	high
87591	SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2328-1)	Nessus	SuSE Local Security Checks	high
87590	SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2326-1)	Nessus	SuSE Local Security Checks	high
87588	SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2324-1)	Nessus	SuSE Local Security Checks	high
87528	SUSE SLES11 Security Update : xen (SUSE-SU-2015:2306-1)	Nessus	SuSE Local Security Checks	medium
87373	Citrix XenServer Multiple memory_exchange() Hypercall Error Handling DoS (CTX203451)	Nessus	Misc.	medium

CVE-2015-8339

Description

References

Details

Risk Information

CVSS v2.0