CVE-2015-5307

Published: Nov 16, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2015:2636

vendor-advisory

x_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

x_refsource_CONFIRM

FEDORA-2015-f150b2a8c8

vendor-advisory

x_refsource_FEDORA

SUSE-SU-2015:2350

vendor-advisory

x_refsource_SUSE

https://kb.juniper.net/JSA10783

x_refsource_CONFIRM

DSA-3454

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20151110 Re: CVE-2015-5307 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #AC exception

mailing-list

x_refsource_MLIST

RHSA-2015:2645

vendor-advisory

x_refsource_REDHAT

USN-2802-1

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2015:2250

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

USN-2806-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2015:2194

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed

x_refsource_CONFIRM

openSUSE-SU-2015:2232

vendor-advisory

x_refsource_SUSE

USN-2805-1

vendor-advisory

x_refsource_UBUNTU

http://xenbits.xen.org/xsa/advisory-156.html

x_refsource_CONFIRM

SUSE-SU-2016:0354

vendor-advisory

x_refsource_SUSE

FEDORA-2015-668d213dc3

vendor-advisory

x_refsource_FEDORA

USN-2807-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2015:2339

vendor-advisory

x_refsource_SUSE

SUSE-SU-2015:2108

vendor-advisory

x_refsource_SUSE

USN-2801-1

vendor-advisory

x_refsource_UBUNTU

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

x_refsource_CONFIRM

FEDORA-2015-394835a3f6

vendor-advisory

x_refsource_FEDORA

DSA-3414

vendor-advisory

x_refsource_DEBIAN

http://support.citrix.com/article/CTX202583

x_refsource_CONFIRM

USN-2800-1

vendor-advisory

x_refsource_UBUNTU

1034105

vdb-entry

x_refsource_SECTRACK

SUSE-SU-2016:2074

vendor-advisory

x_refsource_SUSE

USN-2804-1

vendor-advisory

x_refsource_UBUNTU

https://bugzilla.redhat.com/show_bug.cgi?id=1277172

x_refsource_CONFIRM

RHSA-2016:0046

vendor-advisory

x_refsource_REDHAT

DSA-3396

vendor-advisory

x_refsource_DEBIAN

77528

vdb-entry

x_refsource_BID

USN-2803-1

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-5307

Description

Affected Products

References