virtualization
This is an old revision of the document!
KVM(Linux kernel)/QEMU
- git reppo: https://git.opnfv.org/cgit/kvmfornfv/tree
- kernel-git: https://git.opnfv.org/cgit/kvmfornfv/tree/kernel
- Qemu-wiki: http://wiki.qemu.org
- Qemu-security process: http://wiki.qemu.org/SecurityProcess
| CVE | Description | Fixed in Arno | Fixed in Master |
|---|---|---|---|
| CVE-2015-8104 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. | ||
| CVE-2015-5307 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c. | ||
| CVE-2015-4692 | The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call. | ||
| CVE-2015-0239 | The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction. |
Xen
- Xen-wiki: http://wiki.xen.org/wiki
- Xen-Advisory: http://xenbits.xen.org/xsa
virtualization.1449143762.txt.gz · Last modified: 2015/12/03 11:56 by Sona Sarmadi
Except where otherwise noted, content on this wiki is licensed under the following license: Creative Commons Attribution 4.0 International License
