PT-2017-1614 · Linux+2 · Linux Kernel+2
Antonio Barresi
+3
Published: 2017-03-02 · Updated: 2024-08-06
CVE-2015-2877
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 2.6.32 through 4.x
Description
The issue is related to the Kernel Samepage Merging (KSM) component in the Linux kernel, which does not prevent the use of a write-timing side channel. This allows guest OS users to defeat the Address Space Layout Randomization (ASLR) protection mechanism on other guest OS instances via a Cross-VM ASL Introspection (CAIN) attack. The vendor suggests disabling deduplication to mitigate this attack vector. This issue can be classified as a potentially misunderstood behavior rather than a vulnerability, as share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure.
Recommendations
For Linux kernel versions 2.6.32 through 4.x, consider disabling deduplication to mitigate the risk of exploitation. As a temporary workaround, restrict the use of the Kernel Samepage Merging (KSM) component until a more comprehensive solution is available.
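The following check is an added example, not part of the original advisory. It reads the kernel's KSM sysfs controls (`/sys/kernel/mm/ksm/run` and `pages_shared`) to tell whether deduplication is really off. The function names `ksm_status` and `ksm_remediation` are hypothetical. It separates `run=0`, which stops the scanner but leaves already merged pages shared, from a state with no shared pages at all.

```shell
#!/bin/sh
# Report the KSM deduplication state from a sysfs-style directory.
# The optional argument lets the function read a constructed copy
# of the directory instead of the live /sys/kernel/mm/ksm.
ksm_status() {
    dir="${1:-/sys/kernel/mm/ksm}"
    if [ ! -r "$dir/run" ]; then
        echo "unavailable"          # KSM not built in, or sysfs not readable
        return 0
    fi
    run=$(cat "$dir/run")
    shared=$(cat "$dir/pages_shared" 2>/dev/null || echo 0)
    shared=${shared:-0}
    case "$run" in
        1) echo "active" ;;          # ksmd is scanning and merging pages
        0|2)
            # run=0 stops ksmd but keeps merged pages shared;
            # run=2 stops ksmd and unmerges everything.
            if [ "$shared" -gt 0 ]; then
                echo "stopped-still-merged"
            else
                echo "disabled"
            fi ;;
        *) echo "unknown" ;;
    esac
}

# Map a state to the command that stops ksmd and unmerges shared pages.
ksm_remediation() {
    case "$1" in
        active|stopped-still-merged)
            echo "echo 2 > /sys/kernel/mm/ksm/run" ;;
        *) echo "none" ;;
    esac
}

state=$(ksm_status)
echo "KSM state: $state"
echo "Suggested action (as root): $(ksm_remediation "$state")"
```

Run it on the hypervisor host, since that is where pages from different guests are merged. Services that re-enable KSM at boot have to be disabled separately.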
Exploit
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Linux Kernel