UBUNTU-CVE-2015-2150
Advisory lineage Upstream: 1 Downstream: 2
Upstream
Downstream
Published: 12 Mar 2015, 00:00
Last modified:12 May 2026, 13:24
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
12 Mar 2015, 00:00
Published
Vulnerability first disclosed
12 May 2026, 13:24
Last Modified
Vulnerability information updated
Description
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
Affected Systems
- ubuntu•linux
< 3.13.0-53.88
- ubuntu•linux-azure
all
- ubuntu•linux-azure-6.11
all
- ubuntu•linux-azure-fde
all
- ubuntu•linux-azure-fde-5.15
all
- ubuntu•linux-gcp
all
- ubuntu•linux-gcp-6.11
all
- ubuntu•linux-gke
all
- ubuntu•linux-gkeop
all
- ubuntu•linux-hwe
all
- ubuntu•linux-hwe-6.11
all
- ubuntu•linux-hwe-edge
all
- ubuntu•linux-intel-iot-realtime
all
- ubuntu•linux-lowlatency-hwe-6.11
all
- ubuntu•linux-lts-utopic
< 3.16.0-36.48~14.04.1
- ubuntu•linux-raspi-realtime
all
- ubuntu•linux-raspi2
all
- ubuntu•linux-realtime
all | all
- ubuntu•linux-riscv
all | all | all
References (11)
- https://ubuntu.com/security/CVE-2015-2150
- http://xenbits.xen.org/xsa/advisory-120.html
- http://xenbits.xen.org/xsa/xsa120.patch
- http://xenbits.xen.org/xsa/xsa120-classic.patch
- https://ubuntu.com/security/notices/USN-2589-1
- https://ubuntu.com/security/notices/USN-2590-1
- https://ubuntu.com/security/notices/USN-2613-1
- https://ubuntu.com/security/notices/USN-2614-1
- https://ubuntu.com/security/notices/USN-2631-1
- https://ubuntu.com/security/notices/USN-2632-1
- https://www.cve.org/CVERecord?id=CVE-2015-2150