retired/CVE-2015-2877


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Description: Cross-VM ASL INtrospection (CAIN)
References:
 https://www.usenix.org/conference/woot15/workshop-program/presentation/barresi
 http://www.antoniobarresi.com/files/cain_advisory.txt
Notes:
 bwh> Depends on KSM, which needs to be explicitly enabled at run-time.
 bwh> It appears to be impractical to fix or mitigate this in KSM.
Bugs:
upstream: ignored "Intrinsic risk of KSM feature"
4.9-upstream-stable: ignored "Intrinsic risk of KSM feature"
3.16-upstream-stable: ignored "Intrinsic risk of KSM feature"
3.2-upstream-stable: ignored "Intrinsic risk of KSM feature"
sid: ignored "Intrinsic risk of KSM feature"
3.16-jessie-security: ignored "Intrinsic risk of KSM feature"
3.2-wheezy-security: ignored "Intrinsic risk of KSM feature"