Vulnerability Description
The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with general interrupt controller (GIC) version 2, allows local guest users to cause a denial of service (host crash) by writing an invalid value to the GICD.SGIR register.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xen | Xen | 4.5.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/72591
- http://www.securitytracker.com/id/1031746
- http://xenbits.xen.org/xsa/advisory-117.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100868
- http://www.securityfocus.com/bid/72591
- http://www.securitytracker.com/id/1031746
- http://xenbits.xen.org/xsa/advisory-117.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100868
FAQ
What is CVE-2015-0268?
CVE-2015-0268 is a vulnerability with a CVSS score of 4.9 (MEDIUM). The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with general interrupt controller (GIC) version 2, allows local guest users to cause a denial of service (h...
How severe is CVE-2015-0268?
CVE-2015-0268 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0268?
Check the references section above for vendor advisories and patch information. Affected products include: Xen Xen.