CVE-2015-8341

The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains.

Published: Dec 17, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-8341
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
xen / xen	4.3.2	4.3.2.x
xen / xen	4.6.0	4.6.0.x
xen / xen	4.1.5	4.1.5.x
xen / xen	4.2.2	4.2.2.x
xen / xen	4.2.3	4.2.3.x
xen / xen	4.3.3	4.3.3.x
xen / xen	4.3.0	4.3.0.x
xen / xen	4.1.2	4.1.2.x
xen / xen	4.5.2	4.5.2.x
xen / xen	4.4.2	4.4.2.x
xen / xen	4.4.3	4.4.3.x
xen / xen	4.1.1	4.1.1.x
xen / xen	4.2.0	4.2.0.x
xen / xen	4.1.0	4.1.0.x
xen / xen	4.1.6	4.1.6.x
xen / xen	4.2.5	4.2.5.x
xen / xen	4.1.3	4.1.3.x
xen / xen	4.1.6.1	4.1.6.1.x
xen / xen	4.3.4	4.3.4.x
xen / xen	4.5.1	4.5.1.x
xen / xen	4.2.4	4.2.4.x
xen / xen	4.1.4	4.1.4.x
xen / xen	4.4.1	4.4.1.x
xen / xen	4.3.1	4.3.1.x
xen / xen	4.2.1	4.2.1.x
xen / xen	4.5.0	4.5.0.x
xen / xen	4.4.0	4.4.0.x

Vulnerability Database

290,301

CVE-2015-8341