CVE-2015-8550

high

Published 2016-04-14 · Modified 2026-05-06

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

8.2

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

8.2

Description

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.

Predictions

Exploit likelihood

78%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Debian Security Tracker · View original ↗ · DFSG

CVE-2015-8550 NameCVE-2015-8550 DescriptionXen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability. SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE…

CVE-2015-8550

Name	CVE-2015-8550
Description	Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-479-1, DSA-3434-1, DSA-3471-1, DSA-3519-1
Debian Bugs	809229, 823620

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
linux (PTS)	bullseye	5.10.223-1	fixed
	bullseye (security)	5.10.257-1	fixed
	bookworm	6.1.170-3	fixed
	bookworm (security)	6.1.174-1	fixed
	trixie	6.12.86-1	fixed
	trixie (security)	6.12.90-2	fixed
	forky	7.0.9-1	fixed
	sid	7.0.10-1	fixed
qemu (PTS)	bullseye	1:5.2+dfsg-11+deb11u3	fixed
	bullseye (security)	1:5.2+dfsg-11+deb11u5	fixed
	bookworm	1:7.2+dfsg-7+deb12u18	fixed
	bookworm (security)	1:7.2+dfsg-7+deb12u15	fixed
	trixie	1:10.0.8+ds-0+deb13u1	fixed
	trixie (security)	1:10.0.2+ds-2+deb13u1	fixed
	forky, sid	1:11.0.0+ds-2	fixed
xen (PTS)	bullseye	4.14.6-1	fixed
	bullseye (security)	4.14.5+94-ge49571868d-1	fixed
	bookworm, bookworm (security)	4.17.5+72-g01140da4e8-1	fixed
	trixie	4.20.2+37-g61ff35323e-0+deb13u1	fixed
	trixie (security)	4.20.2+7-g1badcf5035-0+deb13u1	fixed
	forky, sid	4.20.2+37-g61ff35323e-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
linux	source	experimental	4.4~rc6-1~exp1
linux	source	wheezy	3.2.73-2+deb7u2		DSA-3434-1
linux	source	jessie	3.16.7-ckt20-1+deb8u2		DSA-3434-1
linux	source	(unstable)	4.3.3-3
linux-2.6	source	(unstable)	(unfixed)
qemu	source	squeeze	(not affected)
qemu	source	wheezy	(not affected)
qemu	source	jessie	1:2.1+dfsg-12+deb8u5a		DSA-3471-1
qemu	source	(unstable)	1:2.5+dfsg-2			809229
qemu-kvm	source	squeeze	(not affected)
qemu-kvm	source	wheezy	(not affected)
qemu-kvm	source	(unstable)	(unfixed)
xen	source	squeeze	(unfixed)	end-of-life
xen	source	wheezy	4.1.6.1-1+deb7u1		DLA-479-1
xen	source	jessie	4.4.1-9+deb8u4		DSA-3519-1
xen	source	(unstable)	4.8.0~rc3-1			823620

Notes

[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)
[wheezy] - qemu <not-affected> (vulnerable code not present)
[squeeze] - qemu <not-affected> (vulnerable code not present)
[wheezy] - qemu-kvm <not-affected> (vulnerable code not present)
[squeeze] - qemu-kvm <not-affected> (vulnerable code not present)
[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
http://xenbits.xen.org/xsa/advisory-155.html
https://git.kernel.org/linus/454d5d882c7e412b840e3c99010fe81a9862f6fb
https://git.kernel.org/linus/0f589967a73f1f30ab4ac4dd9ce0bb399b4d6357
https://git.kernel.org/linus/68a33bfd8403e4e22847165d149823a2e0e67c9c
https://git.kernel.org/linus/1f13d75ccb806260079e0679d55d9253e370ec8a
https://git.kernel.org/linus/18779149101c0dd43ded43669ae2a92d21b6f9cb
https://git.kernel.org/linus/be69746ec12f35b484707da505c6c76ff06f97dc
https://git.kernel.org/linus/8135cf8b092723dbfcc611fe6fdcb3a36c9951c5

Home - Debian Security - Source (Git)

Apply commands

text fix

Notes

[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)[wheezy] - qemu <not-affected> (vulnerable code not present)[squeeze] - qemu <not-affected> (vulnerable code not present)[wheezy] - qemu-kvm <not-affected> (vulnerable code not present)[squeeze] - qemu-kvm <not-affected> (vulnerable code not present)[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)http://xenbits.xen.org/xsa/advisory-155.htmlhttps://git.kernel.org/linus/454d5d882c7e412b840e3c99010fe81a9862f6fbhttps://git.kernel.org/linus/0f589967a73f1f30ab4ac4dd9ce0bb399b4d6357https://git.kernel.org/linus/68a33bfd8403e4e22847165d149823a2e0e67c9chttps://git.kernel.org/linus/1f13d75ccb806260079e0679d55d9253e370ec8ahttps://git.kernel.org/linus/18779149101c0dd43ded43669ae2a92d21b6f9cbhttps://git.kernel.org/linus/be69746ec12f35b484707da505c6c76ff06f97dchttps://git.kernel.org/linus/8135cf8b092723dbfcc611fe6fdcb3a36c9951c5

OS impact

Debian Fixed 5 releases

Version	Status	Fixed in
trixie	Fixed	`4.3.3-3`
sid	Fixed	`4.3.3-3`
forky	Fixed	`4.3.3-3`
bullseye	Fixed	`4.3.3-3`
bookworm	Fixed	`4.3.3-3`

References

CWEs

CWE-284

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.