CVE-2015-8615

Name of the Vulnerable Software and Affected Versions Xen version 4.6

Description The issue allows local HVM guest OS users to cause a denial of service by making a large number of changes to the callback method, resulting in an excessive number of printk console messages. This occurs due to the lack of limitation on the number of messages in the hvm set callback via function.

Recommendations For Xen version 4.6, consider restricting changes to the callback method to prevent excessive printk console messages until a patch is available. As a temporary workaround, limiting the number of changes to the callback method (HVM PARAM CALLBACK IRQ) may help minimize the risk of denial of service.