CVE-2015-8550
Severity
8.2HIGH
EPSS
16.0%
top 5.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 14
Latest updateMay 17
Description
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0
Affected Packages8 packages
🔴Vulnerability Details
8GHSA▶
GHSA-cv84-8x9g-5qcr: Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges↗2022-05-17
CVEList▶
CVE-2015-8550: Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges↗2016-04-14
OSV▶
CVE-2015-8550: Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges↗2016-04-14