CVE-2015-8104

Loading...

General

Score:4.7/10.0
Severity:Low
Category:Resource Management Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Local
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2009-4537, CVE-2009-4895, CVE-2010-0298, CVE-2010-0306, CVE-2010-0307, CVE-2010-0309, CVE-2010-0410, CVE-2010-0415, CVE-2010-0419, CVE-2010-0435, CVE-2010-0623, CVE-2010-0727, CVE-2010-1085, CVE-2010-1162, CVE-2010-1173, CVE-2010-1436, CVE-2010-1437, CVE-2010-1636, CVE-2010-1641, CVE-2010-2066, CVE-2010-2071, CVE-2010-2226, CVE-2010-2478, CVE-2010-2492, CVE-2010-2524, CVE-2010-2537, CVE-2010-2538, CVE-2010-2803, CVE-2010-2942, CVE-2010-2955, CVE-2010-2959, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296, CVE-2010-3298, CVE-2010-3301, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3698, CVE-2010-3705, CVE-2010-3858, CVE-2010-3861, CVE-2010-3865, CVE-2010-3874, CVE-2010-3876, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4165, CVE-2010-4243, CVE-2010-4250, CVE-2010-4251, CVE-2010-4258, CVE-2010-4263, CVE-2010-4346, CVE-2010-4525, CVE-2010-4565, CVE-2010-4655, CVE-2010-5313, CVE-2011-0006, CVE-2011-0521, CVE-2011-0710, CVE-2011-0711, CVE-2011-0726, CVE-2011-1010, CVE-2011-1013, CVE-2011-1016, CVE-2011-1019, CVE-2011-1020, CVE-2011-1023, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1082, CVE-2011-1083, CVE-2011-1090, CVE-2011-1093, CVE-2011-1160, CVE-2011-1161, CVE-2011-1162, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1573, CVE-2011-1576, CVE-2011-1577, CVE-2011-1581, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1748, CVE-2011-1767, CVE-2011-1768, CVE-2011-1770, CVE-2011-1771, CVE-2011-1776, CVE-2011-1833, CVE-2011-1898, CVE-2011-2022, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2494, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2521, CVE-2011-2693, CVE-2011-2695, CVE-2011-2699, CVE-2011-2905, CVE-2011-2942, CVE-2011-3188, CVE-2011-3191, CVE-2011-3347, CVE-2011-3353, CVE-2011-3359, CVE-2011-3363, CVE-2011-3593, CVE-2011-3637, CVE-2011-3638, CVE-2011-4081, CVE-2011-4086, CVE-2011-4097, CVE-2011-4098, CVE-2011-4110, CVE-2011-4127, CVE-2011-4594, CVE-2011-5321, CVE-2012-0045, CVE-2012-0056, CVE-2012-0207, CVE-2012-0879, CVE-2012-1097, CVE-2012-1179, CVE-2012-1568, CVE-2012-1601, CVE-2012-2100, CVE-2012-2119, CVE-2012-2121, CVE-2012-2123, CVE-2012-2133, CVE-2012-2136, CVE-2012-2137, CVE-2012-2313, CVE-2012-2372, CVE-2012-2375, CVE-2012-2383, CVE-2012-2384, CVE-2012-2390, CVE-2012-2744, CVE-2012-2745, CVE-2012-3400, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511, CVE-2012-4398, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4542, CVE-2012-4565, CVE-2012-6537, CVE-2012-6542, CVE-2012-6544, CVE-2012-6545, CVE-2012-6546, CVE-2012-6547, CVE-2012-6548, CVE-2012-6647, CVE-2012-6657, CVE-2013-0190, CVE-2013-0228, CVE-2013-0268, CVE-2013-0343, CVE-2013-0349, CVE-2013-0871, CVE-2013-0913, CVE-2013-0914, CVE-2013-1767, CVE-2013-1773, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1826, CVE-2013-1827, CVE-2013-1848, CVE-2013-1860, CVE-2013-1928, CVE-2013-1935, CVE-2013-1943, CVE-2013-2015, CVE-2013-2017, CVE-2013-2094, CVE-2013-2128, CVE-2013-2141, CVE-2013-2146, CVE-2013-2164, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2596, CVE-2013-2634, CVE-2013-2635, CVE-2013-2851, CVE-2013-2852, CVE-2013-2888, CVE-2013-2889, CVE-2013-2892, CVE-2013-2929, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225, CVE-2013-3231, CVE-2013-3301, CVE-2013-4162, CVE-2013-4299, CVE-2013-4312, CVE-2013-4345, CVE-2013-4387, CVE-2013-4470, CVE-2013-4483, CVE-2013-4588, CVE-2013-6367, CVE-2013-6368, CVE-2013-6378, CVE-2013-6383, CVE-2013-6405, CVE-2013-7271, CVE-2013-7339, CVE-2013-7421, CVE-2013-7446, CVE-2014-0055, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101, CVE-2014-0181, CVE-2014-0196, CVE-2014-0203, CVE-2014-0205, CVE-2014-0222, CVE-2014-1737, CVE-2014-1738, CVE-2014-1874, CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122, CVE-2014-3144, CVE-2014-3145, CVE-2014-3153, CVE-2014-3184, CVE-2014-3185, CVE-2014-3215, CVE-2014-3601, CVE-2014-3610, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646, CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-3690, CVE-2014-3917, CVE-2014-3940, CVE-2014-4608, CVE-2014-4652, CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, CVE-2014-4656, CVE-2014-4667, CVE-2014-4699, CVE-2014-4943, CVE-2014-5045, CVE-2014-5077, CVE-2014-5471, CVE-2014-5472, CVE-2014-6410, CVE-2014-7822, CVE-2014-7825, CVE-2014-7826, CVE-2014-7841, CVE-2014-7842, CVE-2014-8133, CVE-2014-8134, CVE-2014-8159, CVE-2014-8369, CVE-2014-8709, CVE-2014-8884, CVE-2014-9322, CVE-2014-9419, CVE-2014-9420, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9644, CVE-2014-9683, CVE-2015-0239, CVE-2015-0272, CVE-2015-1593, CVE-2015-1805, CVE-2015-2752, CVE-2015-2756, CVE-2015-2830, CVE-2015-2922, CVE-2015-2925, CVE-2015-3259, CVE-2015-3331, CVE-2015-3339, CVE-2015-3340, CVE-2015-3636, CVE-2015-4037, CVE-2015-4106, CVE-2015-5154, CVE-2015-5156, CVE-2015-5157, CVE-2015-5165, CVE-2015-5239, CVE-2015-5283, CVE-2015-5307, CVE-2015-5364, CVE-2015-5366, CVE-2015-6252, CVE-2015-6654, CVE-2015-6815, CVE-2015-6937, CVE-2015-7311, CVE-2015-7504, CVE-2015-7509, CVE-2015-7512, CVE-2015-7515, CVE-2015-7550, CVE-2015-7566, CVE-2015-7613, CVE-2015-7799, CVE-2015-7812, CVE-2015-7813, CVE-2015-7814, CVE-2015-7833, CVE-2015-7835, CVE-2015-7872, CVE-2015-7884, CVE-2015-7885, CVE-2015-7969, CVE-2015-7970, CVE-2015-7971, CVE-2015-7972, CVE-2015-7990, CVE-2015-8215, CVE-2015-8324, CVE-2015-8339, CVE-2015-8340, CVE-2015-8341, CVE-2015-8345, CVE-2015-8504, CVE-2015-8539, CVE-2015-8543, CVE-2015-8550, CVE-2015-8554, CVE-2015-8555, CVE-2015-8569, CVE-2015-8575, CVE-2015-8615, CVE-2015-8767, CVE-2015-8785, CVE-2015-8812, CVE-2015-8816, CVE-2016-0495, CVE-2016-0592, CVE-2016-0723, CVE-2016-0728, CVE-2016-0758, CVE-2016-0774, CVE-2016-1570, CVE-2016-1571, CVE-2016-2069, CVE-2016-2117, CVE-2016-2143, CVE-2016-2184, CVE-2016-2185, CVE-2016-2186, CVE-2016-2188, CVE-2016-2270, CVE-2016-2271, CVE-2016-2384, CVE-2016-2543, CVE-2016-2544, CVE-2016-2545, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548, CVE-2016-2549, CVE-2016-2550, CVE-2016-2782, CVE-2016-2847, CVE-2016-3070, CVE-2016-3134, CVE-2016-3137, CVE-2016-3138, CVE-2016-3139, CVE-2016-3140, CVE-2016-3156, CVE-2016-4470, CVE-2016-4486, CVE-2016-4565, CVE-2016-4581, CVE-2016-4794, CVE-2016-5195, CVE-2016-5412, CVE-2016-5696, CVE-2016-5828, CVE-2016-5829, CVE-2016-6136, CVE-2016-6480, CVE-2016-7039

Published on 16/11/15 - Updated on 24/05/17

Description

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

Category: Resource Management Error

CWE-399 (Resource Management Errors)
Weaknesses in this category are related to improper management of system resources.

Security Notices

US National Vulnerability DatabaseCVE-2015-8104
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2015-AVI-466, CERTFR-2015-AVI-508, CERTFR-2015-AVI-549, CERTFR-2015-AVI-554, CERTFR-2015-AVI-556, CERTFR-2015-AVI-563, CERTFR-2016-AVI-029, CERTFR-2016-AVI-050, CERTFR-2016-AVI-244, CERTFR-2017-AVI-012, CERTFR-2017-AVI-111, CERTFR-2018-AVI-184
CentOS CESA-2015:2552, CESA-2015:2636
Debian DSA-3414-1, DSA-3426-1, DSA-3454-1
Debian LTSDLA-479-1
Oracle Linux ELSA-2015-2552, ELSA-2015-2636, ELSA-2015-3107, ELSA-2016-0855, ELSA-2016-2574, ELSA-2016-3502, ELSA-2016-3503
Redhat RHSA-2015:2552, RHSA-2015:2636, RHSA-2015:2645, RHSA-2016:0004, RHSA-2016:0024, RHSA-2016:0046, RHSA-2016:0103
Renater 2015/VULN262
SUSE SUSE-SU-2015:2108, SUSE-SU-2015:2194, SUSE-SU-2015:2306, SUSE-SU-2015:2324, SUSE-SU-2015:2326, SUSE-SU-2015:2328, SUSE-SU-2015:2338, SUSE-SU-2015:2339, SUSE-SU-2016:0658, SUSE-SU-2016:2074
Ubuntu USN-2840-1, USN-2841-1, USN-2841-2, USN-2842-1, USN-2842-2, USN-2843-1, USN-2843-2, USN-2844-1

Exploits

SecurityFocusBID-91787

Relative technologies

VendorProduct
linuxlinux_kernel
oraclesolaris
oraclevm_virtualbox
xenxen

Share this vulnerability with:

Twitter Facebook LinkedIn Mail