Lucene search
FreeBSDACD5D037-1C33-11E5-BE9C-6805CA1D3BB1HistoryApr 10, 2015 - 12:00 a.m.
qemu -- Heap overflow in QEMU PCNET controller, allowing guest to host escape (CVE-2015-3209)
2015-04-1000:00:00
vuxml.freebsd.org
9
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.068 Low
EPSS
Percentile
93.8%
The QEMU security team reports:
A guest which has access to an emulated PCNET network
device (e.g. with “model=pcnet” in their VIF configuration)
can exploit this vulnerability to take over the qemu
process elevating its privilege to that of the qemu
process.
References
Related
nessus
nessus
RHEL 5 : kvm (RHSA-2015:1189)
2015-06-26 00:00:00
Oracle Linux 6 : qemu-kvm (ELSA-2015-1087)
2015-06-11 00:00:00
RHEL 6 : qemu-kvm (RHSA-2015:1087)
2015-06-11 00:00:00
openvas
openvas
CentOS Update for kmod-kvm CESA-2015:1189 centos5
2015-07-03 00:00:00
RedHat Update for qemu-kvm RHSA-2015:1087-01
2015-06-11 00:00:00
CentOS Update for qemu-guest-agent CESA-2015:1087 centos6
2015-06-11 00:00:00
oraclelinux
oraclelinux
kvm security update
2015-06-25 00:00:00
qemu-kvm security update
2015-06-10 00:00:00
centos
centos
qemu security update
2015-06-10 15:32:54
kmod, kvm security update
2015-06-26 12:05:54
debiancve
debiancve
CVE-2015-3209
2015-06-15 15:59:00
redhat
redhat
(RHSA-2015:1089) Important: qemu-kvm-rhev security update
2015-06-10 14:50:31
(RHSA-2015:1088) Important: qemu-kvm-rhev security update
2015-06-10 00:00:00
(RHSA-2015:1087) Important: qemu-kvm security update
2015-06-10 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:06:09
prion
prion
Heap overflow
2015-06-15 15:59:00
ubuntucve
ubuntucve
CVE-2015-3209
2015-06-10 00:00:00
xen
xen
Heap overflow in QEMU PCNET controller, allowing guest->host escape
2015-06-10 13:10:00
cve
cve
CVE-2015-3209
2015-06-15 15:59:00
debian
debian
[SECURITY] [DSA 3285-1] qemu-kvm security update
2015-06-12 22:51:04
[SECURITY] [DSA 3285-1] qemu-kvm security update
2015-06-12 22:51:04
[SECURITY] [DSA 3284-1] qemu security update
2015-06-12 22:50:58
suse
suse
Security update for qemu (important)
2015-09-09 18:13:21
Security update for KVM (important)
2015-06-26 15:08:01
Security update for Xen (important)
2015-07-08 17:08:09
osv
osv
qemu-kvm - security update
2015-06-13 00:00:00
qemu - security update
2015-06-13 00:00:00
xen - security update
2015-06-13 00:00:00
gentoo
gentoo
QEMU: Arbitrary code execution
2015-10-31 00:00:00
Xen: Multiple vulnerabilities
2016-04-05 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: qemu-2.1.3-9.fc21
2015-09-01 07:30:01
[SECURITY] Fedora 23 Update: qemu-2.4.0-1.fc23
2015-08-23 16:43:19
[SECURITY] Fedora 22 Update: xen-4.5.0-11.fc22
2015-06-24 16:01:05
securityvulns
securityvulns
[USN-2630-1] QEMU vulnerabilities
2015-06-13 00:00:00
[SECURITY] [DSA 3286-1] xen security update
2015-06-21 00:00:00
libvirt / qemu / Xen multiple security vulnerabilities
2015-06-21 00:00:00
arista
arista
Security Advisory 0013
2015-09-04 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2015-06-10 00:00:00
f5
f5
K63519101 : Multiple QEMU vulnerabilities
2016-02-16 00:00:00
SOL63519101 - Multiple QEMU vulnerabilities
2016-02-16 00:00:00
mageia
mageia
Updated qemu package fixes security vulnerability
2015-08-11 23:22:53
Updated xen packages fix security vulnerabilities
2016-03-07 14:20:30
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.068 Low
EPSS
Percentile
93.8%
Related for ACD5D037-1C33-11E5-BE9C-6805CA1D3BB1