CVE-2015-8104 — Infinite Loop in Kernel
Severity
10.0CRITICALNVD
NVD5.5OSV4.9
EPSS
0.3%
top 44.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 16
Latest updateJan 5
Description
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0
Affected Packages8 packages
Also affects: Debian Linux 7.0, 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 15.04
Patches
🔴Vulnerability Details
16OSV▶
CVE-2023-34328: [This CNA information record relates to multiple CVEs; the
text explains which aspects/vulnerabilities correspond to which CVE↗2024-01-05
OSV▶
CVE-2023-34327: [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE↗2024-01-05
OSV▶
CVE-2023-34328: [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE↗2024-01-05
GHSA▶
GHSA-7fx2-c8rv-2w4f: [This CNA information record relates to multiple CVEs; the
text explains which aspects/vulnerabilities correspond to which CVE↗2024-01-05
📋Vendor Advisories
12💬Community
3Bugzilla▶
CVE-2015-8104 kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception [fedora-all]↗2015-11-10
Bugzilla▶
CVE-2015-8104 xen: kernel: kvm: guest to host DoS by triggering an infinite loop in microcode via #DB exception [fedora-all]↗2015-11-10
Bugzilla▶
CVE-2015-8104 virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception↗2015-11-05