CVE-2016-5412
Advisory lineage Upstream: 0 Downstream: 7
Modified
Published: 06 Aug 2016, 20:00
Last modified: 06 Aug 2024, 01:00
Vulnerability Summary
- Overall Risk (default): medium, 26/100
- CVSS Score: 6.5 MEDIUM, v3.0 (nvd)
- EPSS Score: 0.05% LOW, 0% probability -0.03%
- KEV: Not listed
- Ransomware: No reports
- Public exploits: None found
- Dark Web: Not detected
Timeline
- 06 Aug 2016, 20:00: Published. Vulnerability first disclosed
- 06 Aug 2024, 01:00: Last Modified. Vulnerability information updated
Description
arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.
CVSS Metrics
- v3.0 • MEDIUM • Score: 6.5 • CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
- v2.0 • MEDIUM • Score: 4.6 • AV:L/AC:L/Au:S/C:N/I:N/A:C
EPSS Trends
Current EPSS score: 0.05% • Percentile: 15%
Techniques & Countermeasures
- CWE-399 • Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Affected Systems
- linux • linux_kernel ≤ 4.7
References (7)
- https://bugzilla.redhat.com/show_bug.cgi?id=1349916
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245
- http://www.openwall.com/lists/oss-security/2016/07/28/2
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3
- http://rhn.redhat.com/errata/RHSA-2016-2574.html
- https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3
- https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245