Your submission was sent successfully! Close

CVE-2015-8104

Published: 16 November 2015

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

From the Ubuntu security team

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

Priority

Medium

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by cbdb967af3d54993f5814f1cee0ed311a055377d
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
This package is not directly supported by the Ubuntu Security Team
linux-aws
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-flo
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-gke
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-goldfish
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-grouper
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-hwe
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-linaro-omap
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-linaro-shared
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-linaro-vexpress
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
This package is not directly supported by the Ubuntu Security Team
linux-lts-raring
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-lts-saucy
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
This package is not directly supported by the Ubuntu Security Team
linux-lts-trusty
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-lts-utopic
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-lts-vivid
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-lts-wily
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-lts-xenial
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-maguro
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-mako
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-manta
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-qcm-msm
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-raspi2
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(x86 only)
linux-snapdragon
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc1)
virtualbox
Launchpad, Ubuntu, Debian
Upstream
Released (5.0.14-dfsg-1)
xen
Launchpad, Ubuntu, Debian
Upstream
Released
Binaries built from this source package are in Universe and so are supported by the community.