CVE-2015-8551

Source
https://nvd.nist.gov/vuln/detail/CVE-2015-8551
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2015-8551.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2015-8551
Downstream
Related
Published
2016-04-13T15:59:05Z
Modified
2025-08-09T19:01:28Z
Severity
  • 6.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XENPCIOP_* operations, aka "Linux pciback missing sanity checks."

References

Affected packages