{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/106256?format=json","vulnerability_id":"VCID-nmwp-yn17-uqed","summary":"Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a \"write path.\"","aliases":[{"alias":"CVE-2015-8554"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/135921?format=json","purl":"pkg:deb/debian/xen@4.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.4.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135902?format=json","purl":"pkg:deb/debian/xen@4.14.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27xc-hy1s-n7bf"},{"vulnerability":"VCID-2qbn-f381-abhx"},{"vulnerability":"VCID-2wu6-2tup-2ub2"},{"vulnerability":"VCID-339r-nmjn-gfa2"},{"vulnerability":"VCID-3nb3-3wud-jfhv"},{"vulnerability":"VCID-5qmr-dc83-fqb1"},{"vulnerability":"VCID-6uvb-67h4-1fgy"},{"vulnerability":"VCID-7yrz-z3a2-vkgg"},{"vulnerability":"VCID-8gj8-dga7-gkht"},{"vulnerability":"VCID-8r4d-1tcs-13gd"},{"vulnerability":"VCID-9g21-rc3r-5uer"},{"vulnerability":"VCID-c58r-gesb-f7hq"},{"vulnerability":"VCID-cgzn-pdre-1bec"},{"vulnerability":"VCID-cvj7-478z-x3b1"},{"vulnerability":"VCID-dke6-vwb6-fuf4"},{"vulnerability":"VCID-dwq4-9tk2-8yfp"},{"vulnerability":"VCID-f7v4-85sw-1keq"},{"vulnerability":"VCID-fwx8-9f5e-v7hw"},{"vulnerability":"VCID-jcpf-68kx-67fr"},{"vulnerability":"VCID-jm1q-fxpu-qbg3"},{"vulnerability":"VCID-k3xq-ruut-3yhw"},{"vulnerability":"VCID-k5qj-xcvq-5ke1"},{"vulnerability":"VCID-k6gh-hx5m-wba2"},{"vulnerability":"VCID-kcwp-bu7h-6kds"},{"vulnerability":"VCID-kpyj-6qpe-pbep"},{"vulnerability":"VCID-ma7k-xrxw-vubd"},{"vulnerability":"VCID-ma9d-b2uy-jkft"},{"vulnerability":"VCID-mvnt-qc9z-jygu"},{"vulnerability":"VCID-navq-t6wp-xqaf"},{"vulnerability":"VCID-rm4s-2uwv-tkac"},{"vulnerability":"VCID-rw5e-3s13-hycn"},{"vulnerability":"VCID-su6k-nv2m-yqac"},{"vulnerability":"VCID-swjx-x5hb-n3c2"},{"vulnerability":"VCID-sx9z-gbkd-8fgv"},{"vulnerability":"VCID-t5nz-98gp-7fa1"},{"vulnerability":"VCID-t63z-5wwn-1bh9"},{"vulnerability":"VCID-t9tt-yd4b-r3cy"},{"vulnerability":"VCID-u4yc-hhne-2kaz"},{"vulnerability":"VCID-vj8v-zms6-gug9"},{"vulnerability":"VCID-vkt6-fjzc-4uay"},{"vulnerability":"VCID-w8sx-m2vx-1ucv"},{"vulnerability":"VCID-wuca-6w96-kfdp"},{"vulnerability":"VCID-x9md-fcrv-y7d8"},{"vulnerability":"VCID-xa2b-k4ye-e7d3"},{"vulnerability":"VCID-yqrw-w2g9-2kf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.14.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135900?format=json","purl":"pkg:deb/debian/xen@4.17.5%2B72-g01140da4e8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2qbn-f381-abhx"},{"vulnerability":"VCID-67uu-vpqg-gbc9"},{"vulnerability":"VCID-k5qj-xcvq-5ke1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.17.5%252B72-g01140da4e8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135904?format=json","purl":"pkg:deb/debian/xen@4.20.2%2B37-g61ff35323e-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qmr-dc83-fqb1"},{"vulnerability":"VCID-67uu-vpqg-gbc9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.20.2%252B37-g61ff35323e-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/135903?format=json","purl":"pkg:deb/debian/xen@4.20.2%2B37-g61ff35323e-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qmr-dc83-fqb1"},{"vulnerability":"VCID-67uu-vpqg-gbc9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.20.2%252B37-g61ff35323e-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/194755?format=json","purl":"pkg:ebuild/app-emulation/pvgrub@4.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/pvgrub@4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/194756?format=json","purl":"pkg:ebuild/app-emulation/pvgrub@4.6.0-r9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/pvgrub@4.6.0-r9"},{"url":"http://public2.vulnerablecode.io/api/packages/194750?format=json","purl":"pkg:ebuild/app-emulation/xen@4.6.0-r9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen@4.6.0-r9"},{"url":"http://public2.vulnerablecode.io/api/packages/194751?format=json","purl":"pkg:ebuild/app-emulation/xen-pvgrub@4.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-pvgrub@4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/194752?format=json","purl":"pkg:ebuild/app-emulation/xen-pvgrub@4.6.0-r9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-pvgrub@4.6.0-r9"},{"url":"http://public2.vulnerablecode.io/api/packages/194753?format=json","purl":"pkg:ebuild/app-emulation/xen-tools@4.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-tools@4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/194754?format=json","purl":"pkg:ebuild/app-emulation/xen-tools@4.6.0-r9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-tools@4.6.0-r9"}],"affected_packages":[],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8554.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8554","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19248","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8554"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1289129","reference_id":"1289129","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1289129"},{"reference_url":"https://security.gentoo.org/glsa/201604-03","reference_id":"GLSA-201604-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201604-03"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-164.html","reference_id":"XSA-164","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-164.html"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmwp-yn17-uqed"}