{"id":"CVE-2015-8338","details":"Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors.","modified":"2026-04-16T01:47:54.945461808Z","published":"2015-12-17T19:59:06Z","withdrawn":"2026-01-27T04:15:12.548591Z","references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3633"},{"type":"ADVISORY","url":"http://xenbits.xen.org/xsa/advisory-158.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/78920"},{"type":"WEB","url":"http://www.securitytracker.com/id/1034390"}],"schema_version":"1.7.3"}