CVE-2015-7971

Impact:
Moderate
Public Date:
2015-10-29
Bugzilla:
1272525: CVE-2015-7971 xen: Some pmu and profiling hypercalls log without rate limiting on x86

The MITRE CVE dictionary describes this issue as:

Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c.

Find out more about CVE-2015-7971 from the MITRE CVE dictionary dictionary and NIST NVD.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 xen Will not fix

Mitigation

The problematic log messages are issued with priority Warning. Therefore they can be rate limited by adding "loglvl=error/warning" to the hypervisor command line or suppressed entirely by adding "loglvl=error". On systems where the guest kernel is controlled by the host rather than guest administrator, running only kernels which do not call these hypercalls will also prevent untrusted guest users from exploiting this issue. However untrusted guest administrators can still trigger it unless further steps are taken to prevent them from loading code into the kernel (e.g. by disabling loadable modules etc) or from using other mechanisms which allow them to run code at kernel privilege.

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.