Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2015-3611
CVE-2015-3611:
Fortinet FortiManager vulnerability analysis and mitigation
Overview
A race condition vulnerability identified as CVE-2015-3611 was discovered in the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem. The vulnerability was reported by Lars Bull of Google and was disclosed in early 2015 (Red Hat Advisory).
Technical details
The vulnerability exists in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. The flaw was rated as having Important security impact by Red Hat Product Security (Red Hat Advisory).
Impact
When exploited, this vulnerability allows a guest user who has access to the PIT I/O ports to crash the host system (Red Hat Advisory).
Mitigation and workarounds
Red Hat released updated kvm packages containing backported patches to address this vulnerability. The mitigation requires stopping all KVM guest virtual machines, either rebooting the hypervisor machine or removing and reloading the affected modules (kvm, ksm, kvm-intel or kvm-amd), and then restarting the KVM guest virtual machines (Red Hat Advisory).
Additional resources
Source: This report was generated using AI
Related Fortinet FortiManager vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management