Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2015-4163

GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.

  • Published: Jun 15, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-4163
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.9
  • AV:L/AC:L/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Software From Fixed in
xen / xen 4.2.2 4.2.2.x
xen / xen 4.2.3 4.2.3.x
xen / xen 4.3.0 4.3.0.x
xen / xen 4.4.0-rc1 4.4.0-rc1.x
xen / xen 4.2.0 4.2.0.x
xen / xen 4.4.1 4.4.1.x
xen / xen 4.3.4 4.3.4.x
xen / xen 4.3.1 4.3.1.x
xen / xen 4.2.1 4.2.1.x
xen / xen 4.5.0 4.5.0.x
xen / xen 4.4.0 4.4.0.x