CVE-2015-8550

Published: 17 December 2015

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.

From the Ubuntu security team

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host.

Priority

Medium

CVSS 3 base score: 8.2

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-2.16)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (3.13.0-74.118)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 454d5d882c7e412b840e3c99010fe81a9862f6fb
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 0f589967a73f1f30ab4ac4dd9ce0bb399b4d6357
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 68a33bfd8403e4e22847165d149823a2e0e67c9c
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 1f13d75ccb806260079e0679d55d9253e370ec8a
Introduced by 402b27f9f2c22309d5bb285628765bc27b82fcf5
Fixed by 18779149101c0dd43ded43669ae2a92d21b6f9cb
Introduced by d9d660f6e562a47b4065eeb7e538910b0471b988
Fixed by be69746ec12f35b484707da505c6c76ff06f97dc
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 8135cf8b092723dbfcc611fe6fdcb3a36c9951c5
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-aws
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1001.10)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(4.4.0-1002.2)
linux-ec2
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-flo
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(abandoned)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gke
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1003.3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(abandoned)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-grouper
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-hwe
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-omap
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-shared
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-linaro-vexpress
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-raring
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-saucy
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-trusty
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [3.16.0-57.77~14.04.1])
linux-lts-vivid
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [3.19.0-42.48~14.04.1])
linux-lts-wily
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.2.0-22.27~14.04.1])
linux-lts-xenial
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(4.4.0-13.29~14.04.1)
linux-maguro
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-mako
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(abandoned)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-manta
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)
linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-qcm-msm
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1003.4)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1012.12)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream
Released (4.4~rc6)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

qemu
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus)
Released (1:2.5+dfsg-1ubuntu5)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.0.0+dfsg-2ubuntu1.22)
Patches:
Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=f9e98e5d7a67367b862941e339a98b8322fa0cea
Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=7ea11bf376aea4bf8340eb363de9777c7f93e556
qemu-kvm
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

xen
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.6.0-1ubuntu2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.4])
Binaries built from this source package are in Universe and so are supported by the community.