Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2015-7970

The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory contents that triggers a "time-consuming linear scan," related to Populate-on-Demand.

  • Published: Oct 30, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-7970
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.9
  • AV:L/AC:L/Au:N/C:N/I:N/A:C

CWEs:

Software From Fixed in
xen / xen 3.4.0 3.4.0.x
xen / xen 3.4.4 3.4.4.x
xen / xen 3.4.3 3.4.3.x
xen / xen 3.4.2 3.4.2.x
xen / xen 3.4.1 3.4.1.x