Computer Security
[EN] securityvulns.ru no-pyccku


libvirt / qemu multiple security vulnerabilities
updated since 03.08.2015
Published:31.08.2015
Source:
SecurityVulns ID:14620
Type:library
Threat Level:
6/10
Description:Multiple memory corruptions.
Affected:QEMU : qemu 2.2
CVE:CVE-2015-5745
 CVE-2015-5225 (Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.)
 CVE-2015-5166 (Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.)
 CVE-2015-5165 (The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.)
 CVE-2015-5158
 CVE-2015-5154 (Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.)
 CVE-2015-3214 (The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.)
Original documentdocumentUBUNTU, [USN-2724-1] QEMU vulnerabilities (31.08.2015)
 documentUBUNTU, [USN-2692-1] QEMU vulnerabilities (03.08.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod