CVE-2015-2752 — Improper Input Validation in XEN

CWE-20 — Improper Input Validation CWE-400 — Uncontrolled Resource Consumption7 documents6 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 68.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN Fedoraproject Fedora

Timeline

PublishedApr 1

Latest updateMay 14

Description

The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages3 packages

▶debiandebian/xen< xen 4.4.1-9 (bookworm)

▶Debianxen/xen< 4.4.1-9+3

▶NVDxen/xen6 versions+5

Also affects: Fedora 20, 21

Patches

Patch: xenbits.xen.org ↗Patch: xenbits.xen.org ↗

🔴Vulnerability Details

GHSA

GHSA-rf4p-xq4w-3f34: The XEN_DOMCTL_memory_mapping hypercall in Xen 3↗2022-05-14

▶

OSV

CVE-2015-2752: The XEN_DOMCTL_memory_mapping hypercall in Xen 3↗2015-04-01

▶

📋Vendor Advisories

Red Hat

xen: long latency MMIO mapping operations are not preemptible (xsa125)↗2015-03-31

▶

Debian

CVE-2015-2752: xen - The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a...↗2015

▶

💬Community

Bugzilla

CVE-2015-2752 xen: long latency MMIO mapping operations are not preemptible (xsa125) [fedora-all]↗2015-03-31

▶

Bugzilla

CVE-2015-2752 xen: long latency MMIO mapping operations are not preemptible (xsa125)↗2015-03-19

▶