CVE-2015-8553

MEDIUM(6.5)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Risk Signal Score16/100 — NIEDRIG

CVSS 6.5 — Mittel

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.5

Technische Schwere

Beschreibung

Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.

Referenzen

http://xenbits.xen.org/xsa/advisory-120.html
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497
http://xenbits.xen.org/xsa/advisory-120.html
https://seclists.org/bugtraq/2019/Aug/18
https://www.debian.org/security/2019/dsa-4497