Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-8552

EPSS 0.16% · P37
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-8552

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Xen 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Xen是英国剑桥大学开发的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上,并支持在运行时进行迁移,保证正常运行并且避免宕机。 Xen的PCI后端驱动程序中存在安全漏洞。当程序运行在x86系统上并使用Linux 3.1.x版本至4.3.x版本作为驱动域时,本地攻击者可借助拥有passed-through MSI或MSI-X capable physical PCI设备访问权限和XEN_PCI_OP_enable_msi操作执行权限的系统,利用该漏洞生成连续的WARN消息流
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2015-8552

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2015-8552

Please Login to view more intelligence information

Same Patch Batch · n/a · 2016-04-13 · 54 CVEs total

CVE-2015-8080Redis Labs Redis 输入验证错误漏洞
CVE-2016-2780Huawei UTPS 不可信搜索路径漏洞
CVE-2015-8682Huawei P8 拒绝服务漏洞
CVE-2016-1577JasPer 双重释放漏洞
CVE-2016-1496Huawei P8 图形驱动组件拒绝服务漏洞
CVE-2016-1495Huawei Mate S 整数溢出漏洞
CVE-2016-2116JasPer 内存泄露漏洞
CVE-2015-8555Xen 信息泄露漏洞
CVE-2015-8553Xen 安全漏洞
CVE-2015-8551Xen PCI后端驱动程序拒绝服务漏洞
CVE-2015-8606SilverStripe CMS & Framework 跨站脚本漏洞
CVE-2015-7555giflib 基于堆的缓冲区溢出漏洞
CVE-2015-7545Git 远程命令执行漏洞
CVE-2015-0861trytond 安全漏洞
CVE-2016-4009Pillow‘ImagingResampleHorizontal’函数整数溢出漏洞
CVE-2016-3982OptiPNG 差一错误漏洞
CVE-2016-3981OptiPNG 基于堆的缓冲区溢出漏洞
CVE-2016-3686F5 BIG-IP APM和BIG-IP Edge Gateway 安全漏洞
CVE-2016-3630Mercurial binary delta解码器任意代码执行漏洞
CVE-2016-3159Xen 安全漏洞

Showing top 20 of 54 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2015-8552

No comments yet

Leave a comment