KLA10527
Multiple vulnerabilities in different versions of Xen
Updated: 06/01/2019
Detect date
?
04/01/2015
Severity
?
High
Description

Multiple serious vulnerabilities have been found in Xen. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions.

Below is a complete list of vulnerabilities

  1. Unknown vulnerability can be exploited remotely via a logger or domctl manipulations;
  2. Lack of restrctions can be exploited locally via a systrem variables or VNC manipulations;
  3. Improper access restrictions can be exploited remotely via PCI device manipulations.
Affected products

Xen 4.5 all versions and earlier

Solution

Update to the latest version
Get Xen

Impacts
?
DoS 
[?]

SB 
[?]
CVE-IDS
?
CVE-2015-27524.9Warning
CVE-2015-27517.1High
CVE-2015-15632.1Warning
CVE-2015-27564.9Warning
CVE-2015-21521.9Warning