Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-3515HistoryNov 23, 2012 - 8:55 p.m.
CVE-2012-3515
2012-11-2320:55:00
Debian Security Bug Tracker
security-tracker.debian.org
10
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.7%
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a “device model’s address space.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | qemu | < 1.1.2+dfsg-1 | qemu_1.1.2+dfsg-1_all.deb |
| Debian | 11 | all | qemu | < 1.1.2+dfsg-1 | qemu_1.1.2+dfsg-1_all.deb |
| Debian | 10 | all | qemu | < 1.1.2+dfsg-1 | qemu_1.1.2+dfsg-1_all.deb |
| Debian | 999 | all | qemu | < 1.1.2+dfsg-1 | qemu_1.1.2+dfsg-1_all.deb |
| Debian | 13 | all | qemu | < 1.1.2+dfsg-1 | qemu_1.1.2+dfsg-1_all.deb |
| Debian | 12 | all | xen | < 4.1.3-2 | xen_4.1.3-2_all.deb |
| Debian | 11 | all | xen | < 4.1.3-2 | xen_4.1.3-2_all.deb |
| Debian | 10 | all | xen | < 4.1.3-2 | xen_4.1.3-2_all.deb |
| Debian | 999 | all | xen | < 4.1.3-2 | xen_4.1.3-2_all.deb |
| Debian | 13 | all | xen | < 4.1.3-2 | xen_4.1.3-2_all.deb |
Related
openvas
openvas
CentOS Update for kmod-kvm CESA-2012:1235 centos5
2012-09-07 00:00:00
RedHat Update for xen RHSA-2012:1236-01
2012-09-07 00:00:00
CentOS Update for qemu-guest-agent CESA-2012:1234 centos6
2012-09-07 00:00:00
veracode
veracode
Privilege Escalation
2019-01-15 08:56:53
nessus
nessus
Fedora 16 : qemu-0.15.1-8.fc16 (2012-15606)
2012-10-17 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : qemu-kvm vulnerability (USN-1590-1)
2012-10-03 00:00:00
Oracle Linux 5 : kvm (ELSA-2012-1235)
2013-07-12 00:00:00
centos
centos
xen security update
2012-09-05 17:58:14
kmod, kvm security update
2012-09-05 18:11:48
qemu security update
2012-09-05 18:27:02
suse
suse
qemu: Fix buffer overflow in console VT100 emulation (important)
2012-09-14 14:08:59
Security update for qemu (important)
2012-10-25 00:09:21
Security update for kvm (important)
2012-09-18 15:08:40
redhat
redhat
(RHSA-2012:1235) Important: kvm security update
2012-09-05 00:00:00
(RHSA-2012:1234) Important: qemu-kvm security update
2012-09-05 00:00:00
(RHSA-2012:1233) Important: qemu-kvm-rhev security and bug fix update
2012-09-05 00:00:00
cve
cve
CVE-2012-3515
2012-11-23 20:55:00
oraclelinux
oraclelinux
qemu-kvm security update
2012-09-05 00:00:00
xen security update
2012-09-05 00:00:00
kvm security update
2012-09-05 00:00:00
f5
f5
SOL13405416 - QEMU vulnerability CVE-2012-3515
2016-01-05 00:00:00
K13405416 : QEMU vulnerability CVE-2012-3515
2016-01-06 00:00:00
securityvulns
securityvulns
[USN-1590-1] QEMU vulnerability
2012-10-04 00:00:00
QEMU memory corruption
2012-10-04 00:00:00
prion
prion
Design/Logic Flaw
2012-11-23 20:55:00
ubuntucve
ubuntucve
CVE-2012-3515
2012-09-06 00:00:00
ubuntu
ubuntu
QEMU vulnerability
2012-10-02 00:00:00
debian
debian
[SECURITY] [DSA 2543-1] xen-qemu-dm-4.0 security update
2012-09-08 21:32:19
[SECURITY] [DSA 2545-1] qemu security update
2012-09-08 21:54:27
[SECURITY] [DSA 2542-1] qemu-kvm security update
2012-09-08 21:12:37
osv
osv
qemu-kvm - multiple
2012-09-08 00:00:00
qemu - multiple
2012-09-08 00:00:00
xen-qemu-dm-4.0 - multiple
2012-09-08 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: qemu-1.0.1-2.fc17
2012-10-13 00:23:29
[SECURITY] Fedora 17 Update: qemu-1.0.1-3.fc17
2013-01-26 15:56:23
[SECURITY] Fedora 16 Update: qemu-0.15.1-8.fc16
2012-10-17 00:22:05
gentoo
gentoo
Xen: Multiple vulnerabilities
2016-04-05 00:00:00
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.7%
Related for DEBIANCVE:CVE-2012-3515