Denial of Service Vulnerability in Xen's xenmem_add_to_physmap_one Function

Denial of Service Vulnerability in Xen's xenmem_add_to_physmap_one Function

CVE-2015-6654 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest.

Learn more about our Web Application Penetration Testing UK.