CVE-2015-7812
EPSS 0.08%
Description
The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.
How to fix CVE-2015-7812
To remediate CVE-2015-7812, upgrade the affected package to a fixed version below.
- Debian/xen—upgrade to 4.6.0-1 or later
Is CVE-2015-7812 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4.6.0-1