Lucene search

K

MitreCVELIST:CVE-2015-2152

HistoryMar 18, 2015 - 4:00 p.m.

CVE-2015-2152

2015-03-1816:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.5%

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.

References

lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html

lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html

lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html

www.securityfocus.com/bid/73068

www.securitytracker.com/id/1031806

www.securitytracker.com/id/1031919

xenbits.xen.org/xsa/advisory-119.html

security.gentoo.org/glsa/201504-04

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.5%

Related for CVELIST:CVE-2015-2152

xen1 nvd1 prion1 cve1 nessus12 freebsd1 debiancve1 ubuntucve1 fedora14 openvas20 kaspersky1 suse3 gentoo1 mageia1