CVE-2015-7835

Description

The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.

Risk Information

Base Score

8.2

MODERATE

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS Score

Exploitation Probability

0.122

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234