CVE-2015-8104

medium

Description

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html

http://rhn.redhat.com/errata/RHSA-2015-2636.html

http://rhn.redhat.com/errata/RHSA-2015-2645.html

http://rhn.redhat.com/errata/RHSA-2016-0046.html

http://support.citrix.com/article/CTX202583

http://support.citrix.com/article/CTX203879

http://www.debian.org/security/2015/dsa-3414

http://www.debian.org/security/2015/dsa-3426

http://www.debian.org/security/2016/dsa-3454

http://www.openwall.com/lists/oss-security/2015/11/10/5

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

http://www.securityfocus.com/bid/77524

http://www.securityfocus.com/bid/91787

http://www.securitytracker.com/id/1034105

http://www.ubuntu.com/usn/USN-2840-1

http://www.ubuntu.com/usn/USN-2841-1

http://www.ubuntu.com/usn/USN-2841-2

http://www.ubuntu.com/usn/USN-2842-1

http://www.ubuntu.com/usn/USN-2842-2

http://www.ubuntu.com/usn/USN-2843-1

http://www.ubuntu.com/usn/USN-2843-2

http://www.ubuntu.com/usn/USN-2844-1

http://xenbits.xen.org/xsa/advisory-156.html

https://bugzilla.redhat.com/show_bug.cgi?id=1278496

https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d

https://kb.juniper.net/JSA10783

Details

Source: MITRE

Published: 2015-11-16

Updated: 2019-02-13

Type: CWE-399

Risk Information

CVSS v2

Base Score: 4.7

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.4

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.2:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*

cpe:2.3:o:xen:xen:4.6.5:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.0.0 to 4.0.34 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.1.0 to 4.1.42 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.2.0 to 4.2.34 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 4.3.0 to 4.3.35 (inclusive)

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* versions from 5.0.0 to 5.0.13 (inclusive)

Configuration 4

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.2.3 (inclusive)

Configuration 5

OR

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

Tenable Plugins

ID | Name | Product | Family | Severity
124989 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1536) | Nessus | Huawei Local Security Checks | high
124812 | EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1488) | Nessus | Huawei Local Security Checks | medium
99163 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW) | Nessus | OracleVM Local Security Checks | critical
93289 | SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2074-1) | Nessus | SuSE Local Security Checks | critical
92679 | Debian DSA-3426-1 : Linux Security Update | Nessus | Debian Local Security Checks | high
92454 | Oracle Solaris Critical Patch Update : jul2016_SRU11_3_8_7_0 | Nessus | Solaris Local Security Checks | medium
91198 | Debian DLA-479-1 : xen security update | Nessus | Debian Local Security Checks | high
90482 | openSUSE Security Update : the Linux Kernel (openSUSE-2016-445) | Nessus | SuSE Local Security Checks | critical
90019 | OracleVM 3.2 : kernel-uek (OVMSA-2016-0037) | Nessus | OracleVM Local Security Checks | critical
89723 | SUSE SLES10 Security Update : Xen (SUSE-SU-2016:0658-1) | Nessus | SuSE Local Security Checks | critical
89459 | Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12) | Nessus | Fedora Local Security Checks | medium
89457 | Fedora 21 : xen-4.4.3-8.fc21 (2015-f150b2a8c8) | Nessus | Fedora Local Security Checks | medium
89412 | Fedora 22 : kernel-4.2.6-200.fc22 (2015-cd94ad8d7c) | Nessus | Fedora Local Security Checks | medium
89260 | Fedora 22 : xen-4.5.2-2.fc22 (2015-668d213dc3) | Nessus | Fedora Local Security Checks | medium
89212 | Fedora 23 : xen-4.5.2-2.fc23 (2015-394835a3f6) | Nessus | Fedora Local Security Checks | medium
89149 | Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856) | Nessus | Fedora Local Security Checks | medium
88605 | openSUSE Security Update : the Linux Kernel (openSUSE-2016-136) | Nessus | SuSE Local Security Checks | high
88558 | RHEL 7 : kernel (RHSA-2016:0103) | Nessus | Red Hat Local Security Checks | high
88545 | openSUSE Security Update : the Linux Kernel (openSUSE-2016-124) | Nessus | SuSE Local Security Checks | high
88423 | Debian DSA-3454-1 : virtualbox - security update | Nessus | Debian Local Security Checks | medium
88170 | OracleVM 3.3 : xen (OVMSA-2016-0007) | Nessus | OracleVM Local Security Checks | high
88124 | openSUSE Security Update : xen (openSUSE-2016-34) | Nessus | SuSE Local Security Checks | high
88051 | Oracle VM VirtualBox < 4.0.36 / 4.1.44 / 4.2.36 / 4.3.34 / 5.0.10 Multiple Vulnerabilities (January 2016 CPU) | Nessus | Misc. | high
87999 | RHEL 6 : kernel (RHSA-2016:0046) | Nessus | Red Hat Local Security Checks | medium
87905 | F5 Networks BIG-IP : Linux kernel vulnerabilities (K31026324) | Nessus | F5 Networks Local Security Checks | medium
87886 | RHEL 6 : kernel (RHSA-2016:0024) | Nessus | Red Hat Local Security Checks | medium
87836 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3503) | Nessus | Oracle Linux Local Security Checks | medium
87835 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3502) | Nessus | Oracle Linux Local Security Checks | medium
87804 | RHEL 6 : kernel (RHSA-2016:0004) | Nessus | Red Hat Local Security Checks | medium
87651 | SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2339-1) | Nessus | SuSE Local Security Checks | medium
87650 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2338-1) | Nessus | SuSE Local Security Checks | high
87591 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2328-1) | Nessus | SuSE Local Security Checks | high
87590 | SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:2326-1) | Nessus | SuSE Local Security Checks | high
87588 | SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:2324-1) | Nessus | SuSE Local Security Checks | high
87583 | Scientific Linux Security Update : kernel on SL7.x x86_64 (20151208) | Nessus | Scientific Linux Local Security Checks | medium
87528 | SUSE SLES11 Security Update : xen (SUSE-SU-2015:2306-1) | Nessus | SuSE Local Security Checks | high
87497 | Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2843-2) | Nessus | Ubuntu Local Security Checks | low
87471 | Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2844-1) | Nessus | Ubuntu Local Security Checks | low
87470 | Ubuntu 15.10 : linux vulnerabilities (USN-2843-1) | Nessus | Ubuntu Local Security Checks | low
87469 | Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2842-2) | Nessus | Ubuntu Local Security Checks | low
87468 | Ubuntu 15.04 : linux vulnerabilities (USN-2842-1) | Nessus | Ubuntu Local Security Checks | low
87467 | Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2841-2) | Nessus | Ubuntu Local Security Checks | low
87466 | Ubuntu 14.04 LTS : linux vulnerabilities (USN-2841-1) | Nessus | Ubuntu Local Security Checks | low
87465 | Ubuntu 12.04 LTS : linux vulnerabilities (USN-2840-1) | Nessus | Ubuntu Local Security Checks | medium
87443 | openSUSE Security Update : xen (openSUSE-2015-893) | Nessus | SuSE Local Security Checks | high
87403 | Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20151215) | Nessus | Scientific Linux Local Security Checks | medium
87399 | RHEL 6 : kernel (RHSA-2015:2645) | Nessus | Red Hat Local Security Checks | medium
87398 | RHEL 6 : kernel (RHSA-2015:2636) | Nessus | Red Hat Local Security Checks | medium
87396 | Oracle Linux 6 : kernel (ELSA-2015-2636) | Nessus | Oracle Linux Local Security Checks | medium
87393 | openSUSE Security Update : xen (openSUSE-2015-892) | Nessus | SuSE Local Security Checks | medium
87391 | openSUSE Security Update : the Linux Kernel (openSUSE-2015-879) | Nessus | SuSE Local Security Checks | medium
87381 | CentOS 6 : kernel (CESA-2015:2636) | Nessus | CentOS Local Security Checks | medium
87333 | OracleVM 3.3 : kernel-uek (OVMSA-2015-0154) | Nessus | OracleVM Local Security Checks | medium
87332 | Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3107) | Nessus | Oracle Linux Local Security Checks | medium
87288 | Debian DSA-3414-1 : xen - security update | Nessus | Debian Local Security Checks | medium
87281 | CentOS 7 : kernel (CESA-2015:2552) | Nessus | CentOS Local Security Checks | medium
87274 | RHEL 7 : kernel (RHSA-2015:2552) | Nessus | Red Hat Local Security Checks | medium
87271 | Oracle Linux 7 : kernel (ELSA-2015-2552) | Nessus | Oracle Linux Local Security Checks | medium
87214 | SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2015:2194-1) | Nessus | SuSE Local Security Checks | medium
87104 | SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2015:2108-1) | Nessus | SuSE Local Security Checks | medium
87012 | Citrix XenServer Multiple Infinite Loop Guest-to-Host DoS (CTX202583) | Nessus | Misc. | medium
86877 | FreeBSD : xen-kernel -- CPU lockup during exception delivery (2cabfbab-8bfb-11e5-bd18-002590263bf5) | Nessus | FreeBSD Local Security Checks | medium
86818 | MS KB3108638: Update for Windows Hyper-V to Address CPU Weakness | Nessus | Windows | medium