Denial of Service Vulnerability in Xen's compat_iret Function

Denial of Service Vulnerability in Xen's compat_iret Function

CVE-2015-4164 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.

Learn more about our Web Application Penetration Testing UK.