Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kernel Virtual Machine 内存损坏漏洞
Vulnerability Description
Linux kernel 2.6.32版本至4.x版本中的Kernel Samepage Merging (KSM)存在安全漏洞。攻击者可利用该漏洞破坏ASLR保护机制。
CVSS Information
N/A
Vulnerability Type
N/A