CVE-2015-4105
EPSS 0.12%
Description
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
How to fix CVE-2015-4105
To remediate CVE-2015-4105, upgrade the affected package to a fixed version below.
- Debian/qemu—upgrade to 1:2.3+dfsg-5 or later
- Debian/xen—upgrade to 4.4.0-1 or later
Is CVE-2015-4105 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1:2.3+dfsg-5
- from 0, < 4.4.0-1