KLA10527
Multiple vulnerabilities in different versions of Xen
Обновлено: 17/06/2019
Дата обнаружения
01/04/2015
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in Xen. Malicious users can exploit these vulnerabilities to cause denial of service or bypass security restrictions.

Below is a complete list of vulnerabilities

  1. Unknown vulnerability can be exploited remotely via a logger or domctl manipulations;
  2. Lack of restrctions can be exploited locally via a systrem variables or VNC manipulations;
  3. Improper access restrictions can be exploited remotely via PCI device manipulations.
Пораженные продукты

Xen 4.5 all versions and earlier

Решение

Update to the latest version
Get Xen

Оказываемое влияние
?
DoS 
[?]

SB 
[?]
CVE-IDS
CVE-2015-27524.9Warning
CVE-2015-27517.1High
CVE-2015-15632.1Warning
CVE-2015-27564.9Warning
CVE-2015-21521.9Warning