CVE - CVE-2015-5307

CVE-ID
CVE-2015-5307	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1034105 URL:http://www.securitytracker.com/id/1034105 MISC:77528 URL:http://www.securityfocus.com/bid/77528 MISC:DSA-3396 URL:http://www.debian.org/security/2015/dsa-3396 MISC:DSA-3414 URL:http://www.debian.org/security/2015/dsa-3414 MISC:DSA-3454 URL:http://www.debian.org/security/2016/dsa-3454 MISC:FEDORA-2015-394835a3f6 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html MISC:FEDORA-2015-668d213dc3 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html MISC:FEDORA-2015-f150b2a8c8 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html MISC:RHSA-2015:2636 URL:http://rhn.redhat.com/errata/RHSA-2015-2636.html MISC:RHSA-2015:2645 URL:http://rhn.redhat.com/errata/RHSA-2015-2645.html MISC:RHSA-2016:0046 URL:http://rhn.redhat.com/errata/RHSA-2016-0046.html MISC:SUSE-SU-2015:2108 URL:http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html MISC:SUSE-SU-2015:2194 URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html MISC:SUSE-SU-2015:2339 URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html MISC:SUSE-SU-2015:2350 URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html MISC:SUSE-SU-2016:0354 URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html MISC:SUSE-SU-2016:2074 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html MISC:USN-2800-1 URL:http://www.ubuntu.com/usn/USN-2800-1 MISC:USN-2801-1 URL:http://www.ubuntu.com/usn/USN-2801-1 MISC:USN-2802-1 URL:http://www.ubuntu.com/usn/USN-2802-1 MISC:USN-2803-1 URL:http://www.ubuntu.com/usn/USN-2803-1 MISC:USN-2804-1 URL:http://www.ubuntu.com/usn/USN-2804-1 MISC:USN-2805-1 URL:http://www.ubuntu.com/usn/USN-2805-1 MISC:USN-2806-1 URL:http://www.ubuntu.com/usn/USN-2806-1 MISC:USN-2807-1 URL:http://www.ubuntu.com/usn/USN-2807-1 MISC:[oss-security] 20151110 Re: CVE-2015-5307 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #AC exception URL:http://www.openwall.com/lists/oss-security/2015/11/10/6 MISC:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed URL:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54a20552e1eae07aa240fa370a0293e006b5faed MISC:http://support.citrix.com/article/CTX202583 URL:http://support.citrix.com/article/CTX202583 MISC:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html URL:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html MISC:http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html URL:http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html MISC:http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html URL:http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html MISC:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html URL:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html MISC:http://xenbits.xen.org/xsa/advisory-156.html URL:http://xenbits.xen.org/xsa/advisory-156.html MISC:https://bugzilla.redhat.com/show_bug.cgi?id=1277172 URL:https://bugzilla.redhat.com/show_bug.cgi?id=1277172 MISC:https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed URL:https://github.com/torvalds/linux/commit/54a20552e1eae07aa240fa370a0293e006b5faed MISC:https://kb.juniper.net/JSA10783 URL:https://kb.juniper.net/JSA10783 MISC:openSUSE-SU-2015:2232 URL:http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html MISC:openSUSE-SU-2015:2250 URL:http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html
Assigning CNA
Red Hat, Inc.
Date Record Created
20150701	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20150701)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)