CVE-2015-7513

MEDIUM

Description

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html

http://www.debian.org/security/2016/dsa-3434

http://www.openwall.com/lists/oss-security/2016/01/07/2

http://www.securityfocus.com/bid/79901

http://www.securitytracker.com/id/1034602

http://www.ubuntu.com/usn/USN-2886-1

http://www.ubuntu.com/usn/USN-2887-1

http://www.ubuntu.com/usn/USN-2887-2

http://www.ubuntu.com/usn/USN-2888-1

http://www.ubuntu.com/usn/USN-2889-1

http://www.ubuntu.com/usn/USN-2889-2

http://www.ubuntu.com/usn/USN-2890-1

http://www.ubuntu.com/usn/USN-2890-2

http://www.ubuntu.com/usn/USN-2890-3

https://bugzilla.redhat.com/show_bug.cgi?id=1284847

https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8

Details

Source: MITRE

Published: 2016-02-08

Updated: 2017-11-04

Type: NVD-CWE-Other

Risk Information

CVSS v2.0

Base Score: 4.9

Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C)

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Impact Score: 4

Exploitability Score: 2

Severity: MEDIUM

Tenable Plugins

View all (21 total)

ID	Name	Product	Family	Severity
124826	EulerOS : kernel (EulerOS-SA-2019-1503)	Nessus	Huawei Local Security Checks	critical
124812	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1488)	Nessus	Huawei Local Security Checks	high
96903	SUSE SLES11 Security Update : kernel (SUSE-SU-2017:0333-1)	Nessus	SuSE Local Security Checks	critical
95536	SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2976-1)	Nessus	SuSE Local Security Checks	critical
94303	openSUSE Security Update : the Linux Kernel (openSUSE-2016-1227) (Dirty COW)	Nessus	SuSE Local Security Checks	critical
93679	OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0100)	Nessus	OracleVM Local Security Checks	critical
93370	SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2245-1)	Nessus	SuSE Local Security Checks	critical
93148	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3596)	Nessus	Oracle Linux Local Security Checks	critical
89600	Fedora 23 : kernel-4.3.3-303.fc23 (2016-b59fd603be)	Nessus	Fedora Local Security Checks	high
89554	Fedora 22 : kernel-4.3.4-200.fc22 (2016-5d43766e33)	Nessus	Fedora Local Security Checks	critical
89497	Fedora 23 : kernel-4.3.3-301.fc23 (2016-26e19f042a)	Nessus	Fedora Local Security Checks	medium
88526	Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2890-3)	Nessus	Ubuntu Local Security Checks	critical
88525	Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2890-2)	Nessus	Ubuntu Local Security Checks	critical
88524	Ubuntu 15.10 : linux vulnerabilities (USN-2890-1)	Nessus	Ubuntu Local Security Checks	critical
88523	Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2889-2)	Nessus	Ubuntu Local Security Checks	critical
88522	Ubuntu 15.04 : linux vulnerabilities (USN-2889-1)	Nessus	Ubuntu Local Security Checks	critical
88521	Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2888-1)	Nessus	Ubuntu Local Security Checks	medium
88520	Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2887-2)	Nessus	Ubuntu Local Security Checks	medium
88519	Ubuntu 14.04 LTS : linux vulnerabilities (USN-2887-1)	Nessus	Ubuntu Local Security Checks	medium
88518	Ubuntu 12.04 LTS : linux vulnerabilities (USN-2886-1)	Nessus	Ubuntu Local Security Checks	medium
87741	Debian DSA-3434-1 : linux - security update	Nessus	Debian Local Security Checks	medium