exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

CVE-2015-8104

Status Candidate

Overview

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

Related Files

Red Hat Security Advisory 2016-0103-01
Posted Feb 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0103-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #DB is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.

tags | advisory, denial of service, x86, kernel, local
systems | linux, redhat
advisories | CVE-2015-8104, CVE-2016-0728, CVE-2016-0774
MD5 | 28b58ec3dcd7bed7f48354876eaed0f5
Debian Security Advisory 3454-1
Posted Jan 27, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3454-1 - Multiple vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2015-5307, CVE-2015-8104, CVE-2016-0495, CVE-2016-0592
MD5 | 928150f1f1fbd941210a4cf479174f9f
Red Hat Security Advisory 2016-0046-01
Posted Jan 19, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0046-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | 979b27fedb6e66dbdba1eaa7a7dedae5
Red Hat Security Advisory 2016-0024-01
Posted Jan 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0024-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | d059f2158ce2e87f3a78a3da557db557
Red Hat Security Advisory 2016-0004-01
Posted Jan 7, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0004-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | 7d6a14f9dafcf7c790a3733c51a79a36
Debian Security Advisory 3426-1
Posted Dec 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3426-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-7446, CVE-2015-7799, CVE-2015-7833, CVE-2015-8104, CVE-2015-8374, CVE-2015-8543
MD5 | d6e3fbfbc3287ef9d8cb9a15c79551d6
Ubuntu Security Notice USN-2843-2
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2843-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7799, CVE-2015-7872, CVE-2015-7884, CVE-2015-7885, CVE-2015-8104
MD5 | 5ef086dfacfeec593fa933b5f7aec168
Ubuntu Security Notice USN-2844-1
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2844-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7799, CVE-2015-7885, CVE-2015-8104
MD5 | 21d637df7eba540e08561d2260564bbe
Ubuntu Security Notice USN-2843-1
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2843-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7799, CVE-2015-7872, CVE-2015-7884, CVE-2015-7885, CVE-2015-8104
MD5 | 870916dc3fa8e85881a9666ec2c8e865
Ubuntu Security Notice USN-2842-2
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2842-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7799, CVE-2015-7884, CVE-2015-7885, CVE-2015-8104
MD5 | 0c015198dd315b98e5e1cd5ae97d3e5b
Ubuntu Security Notice USN-2842-1
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2842-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7799, CVE-2015-7884, CVE-2015-7885, CVE-2015-8104
MD5 | 35468d11382c0e5409685c2258defb16
Ubuntu Security Notice USN-2841-2
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2841-2 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7799, CVE-2015-7885, CVE-2015-8104
MD5 | 030c3ed4377e9028795cd3f7e86776ea
Ubuntu Security Notice USN-2841-1
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2841-1 - Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. It was discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7799, CVE-2015-7885, CVE-2015-8104
MD5 | f668907e7b068203b1e7d9d4b95d757e
Ubuntu Security Notice USN-2840-1
Posted Dec 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2840-1 - Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-7872, CVE-2015-8104
MD5 | 051f5e489cda893a7a62af2acf2c4175
Red Hat Security Advisory 2015-2645-01
Posted Dec 16, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2645-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | bbe1a21e8bc821542d28094d83c51f46
Red Hat Security Advisory 2015-2636-01
Posted Dec 16, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2636-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-2925, CVE-2015-5307, CVE-2015-7613, CVE-2015-7872, CVE-2015-8104
MD5 | 3774cc91e9250b3134a34b569b444a3c
Debian Security Advisory 3414-1
Posted Dec 10, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3414-1 - Multiple security issues have been found in the Xen virtualisation solution, which may result in denial of service or information disclosure.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2015-3259, CVE-2015-3340, CVE-2015-5307, CVE-2015-6654, CVE-2015-7311, CVE-2015-7812, CVE-2015-7813, CVE-2015-7814, CVE-2015-7969, CVE-2015-7970, CVE-2015-7971, CVE-2015-7972, CVE-2015-8104
MD5 | 3e25b029b2f152b2b16157fabb204693
Red Hat Security Advisory 2015-2552-01
Posted Dec 8, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2552-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the x86 ISA is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way delivering of benign exceptions such as #AC and #DB is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel.

tags | advisory, denial of service, x86, kernel
systems | linux, redhat
advisories | CVE-2015-5307, CVE-2015-8104
MD5 | 7565ce49f3b56e667e33f9ac550d1c80
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close