← Volver a CVEs
CVE-2015-2877
LOW3.3
Descripcion
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities
Detalles CVE
Puntuacion CVSS v3.13.3
SeveridadLOW
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado3/3/2017
Ultima modificacion4/20/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
linux:linux_kernelredhat:enterprise_linux
Debilidades (CWE)
CWE-200
Referencias
http://www.antoniobarresi.com/files/cain_advisory.txt(cret@cert.org)
http://www.kb.cert.org/vuls/id/935424(cret@cert.org)
http://www.securityfocus.com/bid/76256(cret@cert.org)
https://bugzilla.redhat.com/show_bug.cgi?id=1252096(cret@cert.org)
https://www.kb.cert.org/vuls/id/BGAR-A2CNKG(cret@cert.org)
https://www.kb.cert.org/vuls/id/BLUU-9ZAHZH(cret@cert.org)
http://www.antoniobarresi.com/files/cain_advisory.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/935424(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/76256(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1252096(af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/BGAR-A2CNKG(af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/BLUU-9ZAHZH(af854a3a-2127-422b-91ae-364da2661108)
https://www.usenix.org/system/files/conference/woot15/woot15-paper-barresi.pdf(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.