// For flags

CVE-2015-8104

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

Severity Score

4.7
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

El subsistema KVM en el kernel Linux hasta la versión 4.2.6, y Xen 4.3.x hasta la versión 4.6.x permite a usuarios del SO invitados causar una denegación de servicio (panic en el host del SO o cuelgue) desencadenando muchas excepciones #DB (también conocidas como Debug), relacionadas con svm.c.

It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #DB (debug exception) is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
Attack Vector
Adjacent
Attack Complexity
Medium
Authentication
Single
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-11-09 CVE Reserved
  • 2015-11-16 CVE Published
  • 2024-02-16 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
  • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CAPEC
References (44)
URL Tag Source
http://support.citrix.com/article/CTX202583 Third Party Advisory
http://support.citrix.com/article/CTX203879 Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/11/10/5 Mailing List
http://www.openwall.com/lists/oss-security/2023/10/10/4 Mailing List
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html Third Party Advisory
http://www.securityfocus.com/bid/77524 Third Party Advisory
http://www.securityfocus.com/bid/91787 Third Party Advisory
http://www.securitytracker.com/id/1034105 Third Party Advisory
https://kb.juniper.net/JSA10783 Third Party Advisory
URL Date SRC
URL Date SRC
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d 2023-10-10
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html 2023-10-10
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html 2023-10-10
http://xenbits.xen.org/xsa/advisory-156.html 2023-10-10
https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d 2023-10-10
URL Date SRC
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html 2023-10-10
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html 2023-10-10
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html 2023-10-10
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html 2023-10-10
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html 2023-10-10
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html 2023-10-10
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html 2023-10-10
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html 2023-10-10
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html 2023-10-10
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html 2023-10-10
http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html 2023-10-10
http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html 2023-10-10
http://rhn.redhat.com/errata/RHSA-2015-2636.html 2023-10-10
http://rhn.redhat.com/errata/RHSA-2015-2645.html 2023-10-10
http://rhn.redhat.com/errata/RHSA-2016-0046.html 2023-10-10
http://www.debian.org/security/2015/dsa-3414 2023-10-10
http://www.debian.org/security/2015/dsa-3426 2023-10-10
http://www.debian.org/security/2016/dsa-3454 2023-10-10
http://www.ubuntu.com/usn/USN-2840-1 2023-10-10
http://www.ubuntu.com/usn/USN-2841-1 2023-10-10
http://www.ubuntu.com/usn/USN-2841-2 2023-10-10
http://www.ubuntu.com/usn/USN-2842-1 2023-10-10
http://www.ubuntu.com/usn/USN-2842-2 2023-10-10
http://www.ubuntu.com/usn/USN-2843-1 2023-10-10
http://www.ubuntu.com/usn/USN-2843-2 2023-10-10
http://www.ubuntu.com/usn/USN-2844-1 2023-10-10
https://bugzilla.redhat.com/show_bug.cgi?id=1278496 2016-02-02
https://access.redhat.com/security/cve/CVE-2015-8104 2016-02-02
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.3.0
Search vendor "Xen" for product "Xen" and version "4.3.0"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.3.1
Search vendor "Xen" for product "Xen" and version "4.3.1"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.3.2
Search vendor "Xen" for product "Xen" and version "4.3.2"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.3.3
Search vendor "Xen" for product "Xen" and version "4.3.3"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.3.4
Search vendor "Xen" for product "Xen" and version "4.3.4"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.4.0
Search vendor "Xen" for product "Xen" and version "4.4.0"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.4.1
Search vendor "Xen" for product "Xen" and version "4.4.1"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.4.2
Search vendor "Xen" for product "Xen" and version "4.4.2"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.4.3
Search vendor "Xen" for product "Xen" and version "4.4.3"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.5.0
Search vendor "Xen" for product "Xen" and version "4.5.0"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.5.1
Search vendor "Xen" for product "Xen" and version "4.5.1"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.5.2
Search vendor "Xen" for product "Xen" and version "4.5.2"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.6.0
Search vendor "Xen" for product "Xen" and version "4.6.0"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.6.1
Search vendor "Xen" for product "Xen" and version "4.6.1"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.6.2
Search vendor "Xen" for product "Xen" and version "4.6.2"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.6.4
Search vendor "Xen" for product "Xen" and version "4.6.4"
-
Affected
Xen
Search vendor "Xen"
 Xen
Search vendor "Xen" for product "Xen"
 4.6.5
Search vendor "Xen" for product "Xen" and version "4.6.5"
-
Affected
Oracle
Search vendor "Oracle"
 Solaris
Search vendor "Oracle" for product "Solaris"
 11.3
Search vendor "Oracle" for product "Solaris" and version "11.3"
-
Affected
Oracle
Search vendor "Oracle"
 Vm Virtualbox
Search vendor "Oracle" for product "Vm Virtualbox"
 >= 4.0.0 <= 4.0.34
Search vendor "Oracle" for product "Vm Virtualbox" and version " >= 4.0.0 <= 4.0.34"
-
Affected
Oracle
Search vendor "Oracle"
 Vm Virtualbox
Search vendor "Oracle" for product "Vm Virtualbox"
 >= 4.1.0 <= 4.1.42
Search vendor "Oracle" for product "Vm Virtualbox" and version " >= 4.1.0 <= 4.1.42"
-
Affected
Oracle
Search vendor "Oracle"
 Vm Virtualbox
Search vendor "Oracle" for product "Vm Virtualbox"
 >= 4.2.0 <= 4.2.34
Search vendor "Oracle" for product "Vm Virtualbox" and version " >= 4.2.0 <= 4.2.34"
-
Affected
Oracle
Search vendor "Oracle"
 Vm Virtualbox
Search vendor "Oracle" for product "Vm Virtualbox"
 >= 4.3.0 <= 4.3.35
Search vendor "Oracle" for product "Vm Virtualbox" and version " >= 4.3.0 <= 4.3.35"
-
Affected
Oracle
Search vendor "Oracle"
 Vm Virtualbox
Search vendor "Oracle" for product "Vm Virtualbox"
 >= 5.0.0 <= 5.0.13
Search vendor "Oracle" for product "Vm Virtualbox" and version " >= 5.0.0 <= 5.0.13"
-
Affected
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 <= 4.2.3
Search vendor "Linux" for product "Linux Kernel" and version " <= 4.2.3"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 7.0
Search vendor "Debian" for product "Debian Linux" and version "7.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 8.0
Search vendor "Debian" for product "Debian Linux" and version "8.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 9.0
Search vendor "Debian" for product "Debian Linux" and version "9.0"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 14.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 15.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "15.04"
-
Affected