Lucene search

[email protected]CVE-2015-4037

HistoryAug 26, 2015 - 7:59 p.m.

CVE-2015-4037

2015-08-2619:59:00

CWE-17

[email protected]

web.nvd.nist.gov

cve-2015-4037

qemu

slirp_smb

denial of service

nvd

security vulnerability

6.2 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

9.4%

JSON

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.- files before the program.

CPENameOperatorVersion
qemu:qemuqemule2.3.0

CPE	Name	Operator	Version
qemu:qemu	qemu	le	2.3.0

References

lists.fedoraproject.org/pipermail/package-announce/2015-June/160058.html

lists.fedoraproject.org/pipermail/package-announce/2015-June/160414.html

lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html

lists.opensuse.org/opensuse-updates/2015-11/msg00063.html

www.debian.org/security/2015/dsa-3284

www.debian.org/security/2015/dsa-3285

www.openwall.com/lists/oss-security/2015/05/13/7

www.openwall.com/lists/oss-security/2015/05/16/5

www.openwall.com/lists/oss-security/2015/05/23/4

www.securityfocus.com/bid/74809

www.securitytracker.com/id/1032547

www.ubuntu.com/usn/USN-2630-1

bugzilla.redhat.com/show_bug.cgi?id=1222892

6.2 Medium

AI Score

Confidence

High

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

9.4%

JSON

Related for CVE-2015-4037

prion1 nessus18 f51 ubuntucve1 debiancve1 openvas24 suse9 fedora3 debian4 osv2 ibm2 securityvulns2 ubuntu1 mageia1