CVE-2015-7969
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2015-7969 from the MITRE CVE dictionary dictionary and NIST NVD.
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 5 | xen | Not affected |
Mitigation
The leak is small. Preventing the creation of large numbers of new domains, and limiting the number of times an existing domain can be rebooted, can reduce the impact of this vulnerability. Switching from disaggregated to a non-disaggregated operation does NOT mitigate the XEN_DOMCTL_max_vcpus vulnerability. Rather, it simply recategorises the vulnerability to hostile management code, regarding it "as designed"; thus it merely reclassifies these issues as "not a bug". Users and vendors of disaggregated systems should not change their configuration.
External References
CVE description copyright © 2017, The MITRE Corporation
