CVE-2015-7969 — Missing Release of Memory after Effective Lifetime in XEN

CWE-3998 documents6 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 82.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

XEN Debian XEN

Timeline

PublishedOct 30

Latest updateMay 14

Description

Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages3 packages

▶debiandebian/xen< xen 4.6.0-1 (bookworm)

▶Debianxen/xen< 4.6.0-1+3

▶NVDxen/xen25 versions+24

🔴Vulnerability Details

GHSA

GHSA-fpcv-vm34-hph7: Multiple memory leaks in Xen 4↗2022-05-14

▶

OSV

CVE-2015-7969: Multiple memory leaks in Xen 4↗2015-10-30

▶

📋Vendor Advisories

Red Hat

xen: leak of main per-domain vcpu pointer array↗2015-10-29

▶

Debian

CVE-2015-7969: xen - Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators ...↗2015

▶

💬Community

Bugzilla

CVE-2015-7969 CVE-2015-7970 CVE-2015-7813 CVE-2015-7814 CVE-2015-7812 CVE-2015-7971 CVE-2015-7835 CVE-2015-7972 xen: various flaws [fedora-all]↗2015-10-29

▶

Bugzilla

xen: Leak of per-domain profiling-related vcpu pointer array on x86↗2015-10-16

▶

Bugzilla

CVE-2015-7969 xen: leak of main per-domain vcpu pointer array↗2015-10-16

▶