[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-5307Date: (C)2015-12-15   (M)2024-03-21


The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 3.9
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1034105
BID-77528
DSA-3396
DSA-3414
DSA-3454
FEDORA-2015-394835a3f6
FEDORA-2015-668d213dc3
FEDORA-2015-f150b2a8c8
RHSA-2015:2636
RHSA-2015:2645
RHSA-2016:0046
SUSE-SU-2015:2108
SUSE-SU-2015:2194
SUSE-SU-2015:2339
SUSE-SU-2015:2350
SUSE-SU-2016:0354
SUSE-SU-2016:2074
USN-2800-1
USN-2801-1
USN-2802-1
USN-2803-1
USN-2804-1
USN-2805-1
USN-2806-1
USN-2807-1
http://www.openwall.com/lists/oss-security/2015/11/10/6
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed
http://support.citrix.com/article/CTX202583
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://xenbits.xen.org/xsa/advisory-156.html
https://bugzilla.redhat.com/show_bug.cgi?id=1277172
https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed
https://kb.juniper.net/JSA10783
openSUSE-SU-2015:2232
openSUSE-SU-2015:2250

CWE    1
CWE-399
OVAL    37
oval:org.secpod.oval:def:109734
oval:org.secpod.oval:def:1501307
oval:org.secpod.oval:def:109978
oval:org.secpod.oval:def:109737
...

© SecPod Technologies