CVE-2015-3214

🗓️ 31 Aug 2015 10:00:00Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 172 Views

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index

Reporter	Title	Published	Views	Family All 91
0day.today	QEMU Programmable Interrupt Timer Controller Heap Overflow Exploit	27 Aug 201500:00	–	zdt
FreeBSD	qemu -- code execution on host machine	17 Jun 201500:00	–	freebsd
Arista	Security Advisory 0013	4 Sep 201500:00	–	arista
ArchLinux	qemu: multiple issues	29 Jul 201500:00	–	archlinux
IBM Security Bulletins	Security Bulletin: PowerKVM is affected by two Qemu vulnerabilities	18 Jun 201801:28	–	ibm
Tenable Nessus	CentOS 7 : qemu-kvm (CESA-2015:1507)	28 Jul 201500:00	–	nessus
Tenable Nessus	Debian DSA-3348-1 : qemu - security update	3 Sep 201500:00	–	nessus
Tenable Nessus	Fedora 23 : qemu-2.4.0-1.fc23 (2015-13358)	24 Aug 201500:00	–	nessus
Tenable Nessus	Fedora 22 : qemu-2.3.1-1.fc22 (2015-13402)	18 Aug 201500:00	–	nessus
Tenable Nessus	Fedora 21 : qemu-2.1.3-9.fc21 (2015-13404)	2 Sep 201500:00	–	nessus

NVD

Node

qemu qemuRange≤2.3.0

linux linux_kernelRange≤2.6.32

Node

arista eosMatch4.12

arista eosMatch4.13

arista eosMatch4.14

arista eosMatch4.15

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

Node

lenovo emc_px12-400r_ivxRange<1.0.10.33264

lenovo emc_px12-450r_ivxRange<1.0.10.33264

Node

redhat openstackMatch5.0

redhat openstackMatch6.0

redhat virtualizationMatch3.0

redhat enterprise_linux_compute_node_eusMatch7.1

redhat enterprise_linux_compute_node_eusMatch7.2

redhat enterprise_linux_compute_node_eusMatch7.3

redhat enterprise_linux_compute_node_eusMatch7.4

redhat enterprise_linux_compute_node_eusMatch7.5

redhat enterprise_linux_compute_node_eusMatch7.6

redhat enterprise_linux_compute_node_eusMatch7.7

redhat enterprise_linux_for_power_big_endianMatch7.0

redhat enterprise_linux_for_power_big_endian_eusMatch7.1_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.2_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.3_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.4_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.5_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.6_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.7_ppc64

redhat enterprise_linux_for_scientific_computingMatch7.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.3

redhat enterprise_linux_server_ausMatch7.4

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_ausMatch7.7

redhat enterprise_linux_server_eusMatch7.1

redhat enterprise_linux_server_eusMatch7.2

redhat enterprise_linux_server_eusMatch7.3

redhat enterprise_linux_server_eusMatch7.4

redhat enterprise_linux_server_eusMatch7.5

redhat enterprise_linux_server_eusMatch7.6

redhat enterprise_linux_server_eusMatch7.7

redhat enterprise_linux_server_from_rhuiMatch7.0

redhat enterprise_linux_server_tusMatch7.3

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_server_tusMatch7.7

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.2

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.3

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.4

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.6

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.7

redhat enterprise_linux_workstationMatch7.0

Source	Link
exploit-db	www.exploit-db.com/exploits/37990/
rhn	www.rhn.redhat.com/errata/RHSA-2015-1512.html
support	www.support.lenovo.com/us/en/product_security/qemu
rhn	www.rhn.redhat.com/errata/RHSA-2015-1507.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/torvalds/linux/commit/ee73f656a604d5aa9df86a97102e4e462dd79924
debian	www.debian.org/security/2015/dsa-3348
git	www.git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/
mirror	www.mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33
securitytracker	www.securitytracker.com/id/1032598

06 May 2026 22:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 26.9

EPSS0.01593

CWE-119