Notified: August 11, 2015 Updated: September 14, 2015
Affected
Basically if you care about this attack vector, disable deduplication.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 23, 2015 Updated: September 09, 2015
Statement Date: July 24, 2015
Not Affected
There is no impact..
We are not aware of further vendor information regarding this vulnerability.
Notified: July 12, 2015 Updated: September 14, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 11, 2015 Updated: September 09, 2015
Affected
- Virtuozzo 6 (formerly Parallels Cloud Server 6) Virtual Machines are not affected since our hypervisor does not utilize page sharing. - Virtuozzo 6 Containers are affected through "pfcache" feature (enabled by default), in the sense that from inside a Container you can find out whether any other container on the host has (or ever had) the particular application/file (of the particular version). We are considering this information leak a minor issue, which comes as a price for memory deduplication. We have no plans for fixing it. If this is considered a major threat by user, then it could be mitigated by disabling the "pfcache" functionality.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 11, 2015 Updated: October 06, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: August 11, 2015 Updated: October 06, 2015
Statement Date: August 11, 2015
Affected
This issue affects the versions of the Linux Kernel as shipped with Red Hat Enterprise Linux 4, 5, 6 and 7. Red Hat Product Security has rated this issue as having Low security impact. Additionally a workaround is available. A future update may address this issue. VMM layer: Deactivation of memory deduplication Deactivating memory deduplication will effectively mitigate all attack vectors. This measure unfortunately eliminates all the highly appreciated benefits of memory deduplication, namely the increase of operational cost-effectiveness through inter-VM memory sharing. Deactivating memory deduplication is the simplest way to prevent exploitation of this attack. However this will cause an increase in the amount of memory required and in some situations may adversely impact performance (e.g. due to slower swap space being used). It is recommended that customers test this workaround before using it in production.
We are not aware of further vendor information regarding this vulnerability.
Updated: September 14, 2015
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: July 12, 2015 Updated: September 14, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.