3 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-2877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kernel Samepage Merging KSM in the Linux kernel 2.6.32 through 4.x does not prevent use of a write- timing side channel, which allows guest OS users to defeat t...
CVE-2015-2877
CVE-2015-2877 affects Kernel Samepage Merging (KSM) in Linux kernels 2.6.32–4.x. The write-timing side channel allows a guest OS user to defeat ASLR on other guest instances via Cross-VM ASL Introspection (CAIN). The entry notes that disabling deduplication mitigates the attack vector. No explici...
CVE-2015-2877
Kernel Samepage Merging KSM in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection CAIN attack. NOTE: the vendor states "Basically ...