Red Hat, Inc. Information for VU#935424
Virtual Machine Monitors (VMM) contain a memory deduplication vulnerability
- Vendor Information Help Date Notified: 11 Aug 2015
- Statement Date: 11 Aug 2015
- Date Updated: 06 Oct 2015
This issue affects the versions of the Linux Kernel as shipped with Red Hat
Enterprise Linux 4, 5, 6 and 7. Red Hat Product Security has rated this issue
as having Low security impact. Additionally a workaround is available. A future
update may address this issue.
VMM layer: Deactivation of memory deduplication Deactivating memory
deduplication will effectively mitigate all attack vectors. This measure
unfortunately eliminates all the highly appreciated benefits of memory
deduplication, namely the increase of operational cost-effectiveness through
inter-VM memory sharing.
Deactivating memory deduplication is the simplest way to prevent exploitation
of this attack. However this will cause an increase in the amount of memory
required and in some situations may adversely impact performance (e.g. due to
slower swap space being used). It is recommended that customers test this
workaround before using it in production.
We are not aware of further vendor information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.