Thomas R. Gross

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 2.6.32 through 4.x **Description** The issue is related to the Kernel Samepage Merging (KSM) component in the Linux kernel, which does not prevent the use of a write-timing side channel. This allows guest OS users to defeat the Address Space Layout Randomization (ASLR) protection mechanism on other guest OS instances via a Cross-VM ASL Introspection (CAIN) attack. The vendor suggests disabling deduplication to mitigate this attack vector. This issue can be classified as a potentially misunderstood behavior rather than a vulnerability, as share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure. **Recommendations** For Linux kernel versions 2.6.32 through 4.x, consider disabling deduplication to mitigate the risk of exploitation. As a temporary workaround, restrict the use of the Kernel Samepage Merging (KSM) component until a more comprehensive solution is available.