It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #AC (alignment check exception) is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.
Find out more about CVE-2015-5307 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue affects the version of the kvm and xen packages as shipped with Red Hat Enterprise Linux 5.
This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and 7. Future kernel updates for the respective releases may address this issue.
Red Hat Enterprise Linux 5 is now in Production Phase 3 of the support and maintenance life cycle. Thus it is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Base Score | 5.2 |
---|---|
Base Metrics | AV:A/AC:M/Au:S/C:N/I:N/A:C |
Access Vector | Adjacent Network |
Access Complexity | Medium |
Authentication | Single |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Platform | Errata | Release Date |
---|---|---|
Red Hat Enterprise Linux Advanced Update Support 6.2 (kernel) | RHSA-2016:0046 | 2016-01-19 |
Red Hat Enterprise Linux Advanced Update Support 6.5 (kernel) | RHSA-2015:2645 | 2015-12-15 |
Red Hat Enterprise Linux 7 (kernel) | RHSA-2015:2552 | 2015-12-08 |
Red Hat Enterprise Linux Extended Update Support 6.6 (kernel) | RHSA-2016:0024 | 2016-01-12 |
Red Hat Enterprise Linux 6 (kernel) | RHSA-2015:2636 | 2015-12-15 |
Red Hat Enterprise Linux Advanced Update Support 6.4 (kernel) | RHSA-2016:0004 | 2016-01-07 |
Red Hat Enterprise Linux Extended Update Support 7.1 (kernel) | RHSA-2015:2587 | 2015-12-09 |
Platform | Package | State |
---|---|---|
Red Hat Enterprise MRG 2 | realtime-kernel | Not affected |
Red Hat Enterprise Linux 7 | kernel-rt | Not affected |
Red Hat Enterprise Linux 5 | xen | Will not fix |
Red Hat Enterprise Linux 5 | kvm | Will not fix |
Red Hat Enterprise Linux 5 | kernel | Not affected |