It was found that the Xen hypervisor x86 CPU emulator implementation did not correctly handle certain instructions with segment overrides, potentially resulting in a memory corruption. A malicious guest user could use this flaw to read arbitrary data relating to other guests, cause a denial of service on the host, or potentially escalate their privileges on the host.
Find out more about CVE-2015-2151 from the
MITRE CVE dictionary dictionary and
This issue does affect the Xen hypervisor packages as shipped with Red Hat Enterprise Linux 5. Future Xen hypervisor packages updates might address this issue.