CVE-2015-8552 (GCVE-0-2015-8552)
Vulnerability from cvelistv5 – Published: 2016-04-13 15:00 – Updated: 2024-08-06 08:20
VLAI
EPSS
VEX
Summary
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks."
Severity
4.4 (Medium)
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://xenbits.xen.org/xsa/advisory-157.html | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1034480 | vdb-entryx_refsource_SECTRACK |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://security.gentoo.org/glsa/201604-03 | vendor-advisoryx_refsource_GENTOO |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.debian.org/security/2016/dsa-3434 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/79546 | vdb-entryx_refsource_BID |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Date Public
2015-12-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:20:43.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-157.html"
},
{
"name": "1034480",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034480"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1102",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
},
{
"name": "SUSE-SU-2016:1707",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "DSA-3434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "79546",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79546"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"name": "SUSE-SU-2016:0911",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka \"Linux pciback missing sanity checks.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-157.html"
},
{
"name": "1034480",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034480"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1102",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
},
{
"name": "SUSE-SU-2016:1707",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "DSA-3434",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "79546",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79546"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"name": "SUSE-SU-2016:0911",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8552",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka \"Linux pciback missing sanity checks.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/advisory-157.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-157.html"
},
{
"name": "1034480",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034480"
},
{
"name": "openSUSE-SU-2016:2184",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "SUSE-SU-2016:1764",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1102",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html"
},
{
"name": "SUSE-SU-2016:1707",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2016:2105",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "DSA-3434",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3434"
},
{
"name": "79546",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79546"
},
{
"name": "SUSE-SU-2016:1937",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"name": "SUSE-SU-2016:0911",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8552",
"datePublished": "2016-04-13T15:00:00.000Z",
"dateReserved": "2015-12-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:20:43.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-8552",
"date": "2026-07-09",
"epss": "0.00446",
"percentile": "0.35871"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7568820A-ED66-47DF-A9B0-27A474D6C2C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D8C046D-BE62-43BA-9F50-B4D383475EA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B81B6EEB-D01E-432D-AEBF-707409741C0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A4B60DE-A8C0-459E-A99C-6EF0D3264B75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A83F4F7E-53CF-4066-857B-2154D25979D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"048E790E-B0A1-4504-9299-0B6D9CB0C509\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB157D09-B91B-486A-A9F7-C9BA75AE8823\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA95119D-EAF1-48D4-AE7C-0C4927D06CDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D40E4E4-3FCB-4980-8DD2-49DDABCB398E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F7D1B7E-C30F-430F-832D-2A405DA1F2D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7C1D0AD-B804-474C-96A3-988BADA0DAD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DCD1F05-9F96-40DD-B506-750E87306325\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60BADA43-94D5-4E80-B5C8-D01A0249F13E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"550223A9-B9F1-440A-8C25-9F0F76AF7301\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC734D58-96E5-4DD2-8781-F8E0ADB96462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62CEC1BF-1922-410D-BCBA-C58199F574C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"923F2C2B-4A65-4823-B511-D0FEB7C7FAB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D532B60-C8DD-4A2F-9D05-E574D23EB754\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D83CA8B-8E49-45FA-8FAB-C15052474542\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27537DF5-7E0F-463F-BA87-46E329EE07AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EA4F978-9145-4FE6-B4F9-15207E52C40A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22A995FD-9B7F-4DF0-BECF-4B086E470F1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"219597E2-E2D7-4647-8A7C-688B96300158\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0C59417-493C-493A-9AB2-317F240BF387\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65E55950-EACA-4209-B2A1-E09026FC6006\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47640819-FC43-49ED-8A77-728C3D7255B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2448537F-87AD-45C1-9FB0-7A49CA31BD76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E36B2265-70E1-413B-A7CF-79D39E9ADCFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37148A72-BE20-45C5-8589-2309ED84D08C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB736B4C-325A-4B27-8C8A-15E60B8A8C82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF948E6A-07BE-4C7D-8A98-002E89D35F4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0E23B94-1726-4F63-84BB-8D83FAB156D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C76124AB-4E3D-4BE0-AAEA-7FC05868E2FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F30B5EF5-0AE8-420B-A103-B1B25A372F09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F784EF07-DBEC-492A-A0F4-F9F7B2551A0B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"036E8A89-7A16-411F-9D31-676313BB7244\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"B942E0F5-7FDC-4AE5-985D-25F4EA7406F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFF56CE7-91EF-4FF9-B306-5F00249D9FEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AB3CAA1-C20C-4A86-841E-EC0858164D7D\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka \\\"Linux pciback missing sanity checks.\\\"\"}, {\"lang\": \"es\", \"value\": \"El controlador backend PCI en Xen, cuando se ejecuta en un sistema x86 y utiliza Linux 3.1.x hasta la versi\\u00f3n 4.3.x como dominio de controlador, permite a administradores locales invitados generar un flujo continuo de mensajes WARN y provocar una denegaci\\u00f3n de servicio (consumo de disco) aprovechando un sistema con acceso a un dispositivo f\\u00edsico PCI capaz de pasar a trav\\u00e9s de MSI o MSI-X y operaciones XEN_PCI_OP_enable_msi, tambi\\u00e9n conocido como \\\"Lenux pciback missing sanity checks\\\".\"}]",
"id": "CVE-2015-8552",
"lastModified": "2024-11-21T02:38:42.987",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:S/C:N/I:N/A:P\", \"baseScore\": 1.7, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.1, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2016-04-13T15:59:06.257",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3434\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/79546\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1034480\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-157.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201604-03\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3434\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/79546\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1034480\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://xenbits.xen.org/xsa/advisory-157.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201604-03\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-8552\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-04-13T15:59:06.257\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka \\\"Linux pciback missing sanity checks.\\\"\"},{\"lang\":\"es\",\"value\":\"El controlador backend PCI en Xen, cuando se ejecuta en un sistema x86 y utiliza Linux 3.1.x hasta la versi\u00f3n 4.3.x como dominio de controlador, permite a administradores locales invitados generar un flujo continuo de mensajes WARN y provocar una denegaci\u00f3n de servicio (consumo de disco) aprovechando un sistema con acceso a un dispositivo f\u00edsico PCI capaz de pasar a trav\u00e9s de MSI o MSI-X y operaciones XEN_PCI_OP_enable_msi, tambi\u00e9n conocido como \\\"Lenux pciback missing sanity checks\\\".\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":1.7,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.1,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7568820A-ED66-47DF-A9B0-27A474D6C2C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D8C046D-BE62-43BA-9F50-B4D383475EA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B81B6EEB-D01E-432D-AEBF-707409741C0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A4B60DE-A8C0-459E-A99C-6EF0D3264B75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A83F4F7E-53CF-4066-857B-2154D25979D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"048E790E-B0A1-4504-9299-0B6D9CB0C509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB157D09-B91B-486A-A9F7-C9BA75AE8823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA95119D-EAF1-48D4-AE7C-0C4927D06CDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D40E4E4-3FCB-4980-8DD2-49DDABCB398E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F7D1B7E-C30F-430F-832D-2A405DA1F2D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7C1D0AD-B804-474C-96A3-988BADA0DAD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DCD1F05-9F96-40DD-B506-750E87306325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60BADA43-94D5-4E80-B5C8-D01A0249F13E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550223A9-B9F1-440A-8C25-9F0F76AF7301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC734D58-96E5-4DD2-8781-F8E0ADB96462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62CEC1BF-1922-410D-BCBA-C58199F574C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"923F2C2B-4A65-4823-B511-D0FEB7C7FAB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D532B60-C8DD-4A2F-9D05-E574D23EB754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D83CA8B-8E49-45FA-8FAB-C15052474542\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27537DF5-7E0F-463F-BA87-46E329EE07AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EA4F978-9145-4FE6-B4F9-15207E52C40A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22A995FD-9B7F-4DF0-BECF-4B086E470F1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"219597E2-E2D7-4647-8A7C-688B96300158\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0C59417-493C-493A-9AB2-317F240BF387\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65E55950-EACA-4209-B2A1-E09026FC6006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47640819-FC43-49ED-8A77-728C3D7255B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2448537F-87AD-45C1-9FB0-7A49CA31BD76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E36B2265-70E1-413B-A7CF-79D39E9ADCFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37148A72-BE20-45C5-8589-2309ED84D08C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB736B4C-325A-4B27-8C8A-15E60B8A8C82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF948E6A-07BE-4C7D-8A98-002E89D35F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0E23B94-1726-4F63-84BB-8D83FAB156D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C76124AB-4E3D-4BE0-AAEA-7FC05868E2FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F30B5EF5-0AE8-420B-A103-B1B25A372F09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F784EF07-DBEC-492A-A0F4-F9F7B2551A0B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036E8A89-7A16-411F-9D31-676313BB7244\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"B942E0F5-7FDC-4AE5-985D-25F4EA7406F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFF56CE7-91EF-4FF9-B306-5F00249D9FEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AB3CAA1-C20C-4A86-841E-EC0858164D7D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3434\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/79546\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034480\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://xenbits.xen.org/xsa/advisory-157.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201604-03\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3434\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/79546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034480\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://xenbits.xen.org/xsa/advisory-157.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201604-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"redhat_vex": {
"aggregate_severity": "Moderate",
"current_release_date": "2025-11-21T12:07:51+00:00",
"cve": "CVE-2015-8552",
"id": "CVE-2015-8552",
"initial_release_date": "2015-12-17T00:00:00+00:00",
"product_status:known_affected": "1",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "xen: Linux pciback missing sanity checks leading to crash (XSA-157)",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2015/cve-2015-8552.json",
"version": "3"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…