Your submission was sent successfully! Close

CVE-2015-8550

Published: 17 December 2015

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.

From the Ubuntu Security Team

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host.

Priority

Medium

CVSS 3 base score: 8.2

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
precise
Released (3.2.0-97.137)
trusty
Released (3.13.0-74.118)
upstream
Released (4.4~rc6)
vivid
Released (3.19.0-42.48)
wily
Released (4.2.0-22.27)
xenial Not vulnerable
(4.4.0-2.16)
yakkety Not vulnerable
(4.4.0-21.37)
zesty Not vulnerable
(4.8.0-22.24)
Patches:
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 454d5d882c7e412b840e3c99010fe81a9862f6fb
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 0f589967a73f1f30ab4ac4dd9ce0bb399b4d6357
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 68a33bfd8403e4e22847165d149823a2e0e67c9c
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 1f13d75ccb806260079e0679d55d9253e370ec8a
Introduced by

402b27f9f2c22309d5bb285628765bc27b82fcf5

Fixed by 18779149101c0dd43ded43669ae2a92d21b6f9cb
Introduced by

d9d660f6e562a47b4065eeb7e538910b0471b988

Fixed by be69746ec12f35b484707da505c6c76ff06f97dc
Introduced by

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Fixed by 8135cf8b092723dbfcc611fe6fdcb3a36c9951c5


linux-armadaxp
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was released [3.2.0-1661.85])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-aws
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable
(4.4.0-1002.2)
upstream
Released (4.4~rc6)
xenial Not vulnerable
(4.4.0-1001.10)
yakkety Does not exist

zesty Does not exist

linux-ec2
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-flo
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.4~rc6)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Ignored
(abandoned)
yakkety Ignored
(abandoned)
zesty Does not exist

linux-fsl-imx51
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-gke
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
xenial Not vulnerable
(4.4.0-1003.3)
yakkety Does not exist

zesty Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.4~rc6)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Ignored
(abandoned)
yakkety Ignored
(abandoned)
zesty Ignored
(abandoned)
linux-grouper
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
yakkety Does not exist

zesty Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
yakkety Does not exist

zesty Does not exist

linux-linaro-omap
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-linaro-shared
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-linaro-vexpress
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-quantal
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [was needs-triage now end-of-life])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-raring
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [end-of-life])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-saucy
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [was needs-triage now end-of-life])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

This package is not directly supported by the Ubuntu Security Team
linux-lts-trusty
Launchpad, Ubuntu, Debian
precise
Released (3.13.0-74.118~precise1)
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was released [3.16.0-57.77~14.04.1])
upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-vivid
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was released [3.19.0-42.48~14.04.1])
upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-wily
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was released [4.2.0-22.27~14.04.1])
upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable
(4.4.0-13.29~14.04.1)
upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-mako
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.4~rc6)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Ignored
(abandoned)
yakkety Ignored
(abandoned)
zesty Does not exist

linux-manta
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (4.4~rc6)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-mvl-dove
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-qcm-msm
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was ignored [abandoned])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Not vulnerable
(Xen not configured)
xenial Not vulnerable
(4.4.0-1003.4)
yakkety Not vulnerable
(4.4.0-1009.10)
zesty Not vulnerable
(4.8.0-1013.15)
linux-snapdragon
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (4.4~rc6)
wily Does not exist

xenial Not vulnerable
(4.4.0-1012.12)
yakkety Not vulnerable
(4.4.0-1012.12)
zesty Not vulnerable
(4.4.0-1029.32)
linux-ti-omap4
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was released [3.2.0-1476.99])
trusty Does not exist

upstream
Released (4.4~rc6)
vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

qemu
Launchpad, Ubuntu, Debian
precise Does not exist

trusty
Released (2.0.0+dfsg-2ubuntu1.22)
upstream Needs triage

vivid Ignored
(reached end-of-life)
wily
Released (1:2.3+dfsg-5ubuntu9.2)
xenial
Released (1:2.5+dfsg-1ubuntu5)
yakkety
Released (1:2.5+dfsg-1ubuntu5)
zesty
Released (1:2.5+dfsg-1ubuntu5)
Patches:







upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=f9e98e5d7a67367b862941e339a98b8322fa0cea
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=7ea11bf376aea4bf8340eb363de9777c7f93e556
qemu-kvm
Launchpad, Ubuntu, Debian
precise
Released (1.0+noroms-0ubuntu14.27)
trusty Does not exist

upstream Needs triage

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

xen
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was released [4.1.6.1-0ubuntu0.12.04.8])
trusty Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.4])
upstream Needs triage

vivid
Released (4.5.0-1ubuntu4.4)
wily
Released (4.5.1-0ubuntu1.2)
xenial
Released (4.6.0-1ubuntu2)
yakkety
Released (4.6.0-1ubuntu2)
zesty
Released (4.6.0-1ubuntu2)
Binaries built from this source package are in Universe and so are supported by the community.