CVE-2015-2751 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.1 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:N/I:N/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 80%

Affected Products (NVD)

Vendor	Product	Version
xen	xen	4.3.0
xen	xen	4.3.1
xen	xen	4.3.2
xen	xen	4.4.0
xen	xen	4.4.0:rc1
xen	xen	4.4.1
xen	xen	4.5.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

xen

bookworm	4.17.3+10-g091466ba55-1~deb12u1 fixed
bullseye	4.14.6-1 fixed
bullseye (security)	4.14.5+94-ge49571868d-1 fixed
sid	4.17.3+36-g54dacb5c02-1 fixed
squeeze	not-affected
trixie	4.17.3+36-g54dacb5c02-1 fixed
wheezy	not-affected

Ubuntu Releases

Ubuntu Product

Codename

xen

lucid	dne
precise	not-affected
trusty	Fixed 4.4.1-0ubuntu0.14.04.5 released
utopic	Fixed 4.4.1-0ubuntu0.14.10.5 released
vivid	Fixed 4.5.0-1ubuntu4 released

xen-3.3

lucid	not-affected
precise	dne
trusty	dne
utopic	dne
vivid	dne

Common Weakness Enumeration

CWE-17 -

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154574.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154579.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155198.html

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html

http://www.securityfocus.com/bid/73443

http://www.securitytracker.com/id/1031997

http://xenbits.xen.org/xsa/advisory-127.html

https://security.gentoo.org/glsa/201504-04

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154574.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154579.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155198.html

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html

http://www.securityfocus.com/bid/73443

http://www.securitytracker.com/id/1031997

http://xenbits.xen.org/xsa/advisory-127.html

https://security.gentoo.org/glsa/201504-04