CVE-2015-5307

medium

Description

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html

http://rhn.redhat.com/errata/RHSA-2015-2636.html

http://rhn.redhat.com/errata/RHSA-2015-2645.html

http://rhn.redhat.com/errata/RHSA-2016-0046.html

http://support.citrix.com/article/CTX202583

http://www.debian.org/security/2015/dsa-3396

http://www.debian.org/security/2015/dsa-3414

http://www.debian.org/security/2016/dsa-3454

http://www.openwall.com/lists/oss-security/2015/11/10/6

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

http://www.securityfocus.com/bid/77528

http://www.securitytracker.com/id/1034105

http://www.ubuntu.com/usn/USN-2800-1

http://www.ubuntu.com/usn/USN-2801-1

http://www.ubuntu.com/usn/USN-2802-1

http://www.ubuntu.com/usn/USN-2803-1

http://www.ubuntu.com/usn/USN-2804-1

http://www.ubuntu.com/usn/USN-2805-1

http://www.ubuntu.com/usn/USN-2806-1

http://www.ubuntu.com/usn/USN-2807-1

http://xenbits.xen.org/xsa/advisory-156.html

https://bugzilla.redhat.com/show_bug.cgi?id=1277172

https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed

https://kb.juniper.net/JSA10783

Details

Source: MITRE

Published: 2015-11-16

Updated: 2019-02-12

Type: CWE-399

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.2.3 (inclusive)

Configuration 2

OR

cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.4:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.5:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.5:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.6:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.0.0 to 4.0.34 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.1.0 to 4.1.42 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.2.0 to 4.2.34 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.3.0 to 4.3.29 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 5.0.0 to 5.0.8 (inclusive)

Configuration 4

OR

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 124812 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1488) | Nessus | Huawei Local Security Checks | medium |
| 124808 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1484) | Nessus | Huawei Local Security Checks | critical |
| 99163 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW) | Nessus | OracleVM Local Security Checks | critical |
| 95280 | OracleVM 3.2 : xen (OVMSA-2016-0166) | Nessus | OracleVM Local Security Checks | high |
| 95279 | OracleVM 3.3 : xen (OVMSA-2016-0165) | Nessus | OracleVM Local Security Checks | high |
| 93289 | SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2074-1) | Nessus | SuSE Local Security Checks | critical |
| 91756 | OracleVM 3.2 : xen (OVMSA-2016-0081) | Nessus | OracleVM Local Security Checks | high |
| 91198 | Debian DLA-479-1 : xen security update | Nessus | Debian Local Security Checks | high |
| 90019 | OracleVM 3.2 : kernel-uek (OVMSA-2016-0037) | Nessus | OracleVM Local Security Checks | critical |
| 89723 | SUSE SLES10 Security Update : Xen (SUSE-SU-2016:0658-1) | Nessus | SuSE Local Security Checks | critical |
| 89459 | Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12) | Nessus | Fedora Local Security Checks | medium |
| 89457 | Fedora 21 : xen-4.4.3-8.fc21 (2015-f150b2a8c8) | Nessus | Fedora Local Security Checks | medium |
| 89412 | Fedora 22 : kernel-4.2.6-200.fc22 (2015-cd94ad8d7c) | Nessus | Fedora Local Security Checks | medium |
| 89260 | Fedora 22 : xen-4.5.2-2.fc22 (2015-668d213dc3) | Nessus | Fedora Local Security Checks | medium |
| 89212 | Fedora 23 : xen-4.5.2-2.fc23 (2015-394835a3f6) | Nessus | Fedora Local Security Checks | medium |
| 89149 | Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856) | Nessus | Fedora Local Security Checks | medium |
| 88605 | openSUSE Security Update : the Linux Kernel (openSUSE-2016-136) | Nessus | SuSE Local Security Checks | high |
| 88572 | RHEL 7 : kernel (RHSA-2015:2587) | Nessus | Red Hat Local Security Checks | medium |
| 88545 | openSUSE Security Update : the Linux Kernel (openSUSE-2016-124) | Nessus | SuSE Local Security Checks | high |
| 88423 | Debian DSA-3454-1 : virtualbox - security update | Nessus | Debian Local Security Checks | medium |
| 88170 | OracleVM 3.3 : xen (OVMSA-2016-0007) | Nessus | OracleVM Local Security Checks | high |
| 88126 | openSUSE Security Update : xen (openSUSE-2016-36) | Nessus | SuSE Local Security Checks | high |
| 88125 | openSUSE Security Update : xen (openSUSE-2016-35) | Nessus | SuSE Local Security Checks | high |
| 88124 | openSUSE Security Update : xen (openSUSE-2016-34) | Nessus | SuSE Local Security Checks | high |
| 88051 | Oracle VM VirtualBox < 4.0.36 / 4.1.44 / 4.2.36 / 4.3.34 / 5.0.10 Multiple Vulnerabilities (January 2016 CPU) | Nessus | Misc. | high |
| 87999 | RHEL 6 : kernel (RHSA-2016:0046) | Nessus | Red Hat Local Security Checks | medium |
| 87905 | F5 Networks BIG-IP : Linux kernel vulnerabilities (K31026324) | Nessus | F5 Networks Local Security Checks | medium |
| 87886 | RHEL 6 : kernel (RHSA-2016:0024) | Nessus | Red Hat Local Security Checks | medium |
| 87836 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3503) | Nessus | Oracle Linux Local Security Checks | medium |
| 87835 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3502) | Nessus | Oracle Linux Local Security Checks | medium |
| 87804 | RHEL 6 : kernel (RHSA-2016:0004) | Nessus | Red Hat Local Security Checks | medium |
| 87651 | SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2339-1) | Nessus | SuSE Local Security Checks | medium |
| 87650 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2338-1) | Nessus | SuSE Local Security Checks | high |
| 87591 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2328-1) | Nessus | SuSE Local Security Checks | high |
| 87590 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2326-1) | Nessus | SuSE Local Security Checks | high |
| 87588 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2324-1) | Nessus | SuSE Local Security Checks | high |
| 87583 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20151208) | Nessus | Scientific Linux Local Security Checks | medium |
| 87528 | SUSE SLES11 Security Update : xen (SUSE-SU-2015:2306-1) | Nessus | SuSE Local Security Checks | high |
| 87443 | openSUSE Security Update : xen (openSUSE-2015-893) | Nessus | SuSE Local Security Checks | high |
| 87403 | Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20151215) | Nessus | Scientific Linux Local Security Checks | medium |
| 87399 | RHEL 6 : kernel (RHSA-2015:2645) | Nessus | Red Hat Local Security Checks | medium |
| 87398 | RHEL 6 : kernel (RHSA-2015:2636) | Nessus | Red Hat Local Security Checks | medium |
| 87396 | Oracle Linux 6 : kernel (ELSA-2015-2636) | Nessus | Oracle Linux Local Security Checks | medium |
| 87393 | openSUSE Security Update : xen (openSUSE-2015-892) | Nessus | SuSE Local Security Checks | medium |
| 87391 | openSUSE Security Update : the Linux Kernel (openSUSE-2015-879) | Nessus | SuSE Local Security Checks | medium |
| 87381 | CentOS 6 : kernel (CESA-2015:2636) | Nessus | CentOS Local Security Checks | medium |
| 87333 | OracleVM 3.3 : kernel-uek (OVMSA-2015-0154) | Nessus | OracleVM Local Security Checks | medium |
| 87332 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3107) | Nessus | Oracle Linux Local Security Checks | medium |
| 87288 | Debian DSA-3414-1 : xen - security update | Nessus | Debian Local Security Checks | medium |
| 87281 | CentOS 7 : kernel (CESA-2015:2552) | Nessus | CentOS Local Security Checks | medium |
| 87274 | RHEL 7 : kernel (RHSA-2015:2552) | Nessus | Red Hat Local Security Checks | medium |
| 87271 | Oracle Linux 7 : kernel (ELSA-2015-2552) | Nessus | Oracle Linux Local Security Checks | medium |
| 87214 | SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2194-1) | Nessus | SuSE Local Security Checks | medium |
| 87104 | SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2108-1) | Nessus | SuSE Local Security Checks | medium |
| 87012 | Citrix XenServer Multiple Infinite Loop Guest-to-Host DoS (CTX202583) | Nessus | Misc. | medium |
| 86877 | FreeBSD : xen-kernel -- CPU lockup during exception delivery (2cabfbab-8bfb-11e5-bd18-002590263bf5) | Nessus | FreeBSD Local Security Checks | medium |
| 86847 | Ubuntu 14.04 LTS : linux-lts-wily vulnerability (USN-2807-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86832 | Debian DSA-3396-1 : linux - security update | Nessus | Debian Local Security Checks | medium |
| 86818 | MS KB3108638: Update for Windows Hyper-V to Address CPU Weakness | Nessus | Windows | medium |
| 86816 | Ubuntu 14.04 LTS : linux-lts-vivid vulnerability (USN-2806-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86815 | Ubuntu 14.04 LTS : linux-lts-utopic vulnerability (USN-2805-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86814 | Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2804-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86813 | Ubuntu 15.10 : linux vulnerability (USN-2803-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86812 | Ubuntu 15.04 : linux vulnerability (USN-2802-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86811 | Ubuntu 14.04 LTS : linux vulnerability (USN-2801-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86810 | Ubuntu 12.04 LTS : linux vulnerability (USN-2800-1) | Nessus | Ubuntu Local Security Checks | medium |