CVE-2015-3214

🗓️ 31 Aug 2015 10:59:07Reported by [email protected]Type

The pit_ioport_read vulnerability in Linux kernel and QEMU allows guest OS users to execute arbitrary code on the host O

Reporter	Title	Published	Views	Family All 92
0day.today	QEMU Programmable Interrupt Timer Controller Heap Overflow Exploit	27 Aug 201500:00	–	zdt
FreeBSD	qemu -- code execution on host machine	17 Jun 201500:00	–	freebsd
Arista	Security Advisory 0013	4 Sep 201500:00	–	arista
ArchLinux	qemu: multiple issues	29 Jul 201500:00	–	archlinux
IBM Security Bulletins	Security Bulletin: PowerKVM is affected by two Qemu vulnerabilities	18 Jun 201801:28	–	ibm
BDU FSTEC	The vulnerability of the QEMU hardware emulation software allows a hacker to execute any code on the host operating system.	15 Sep 201500:00	–	bdu_fstec
Tenable Nessus	CentOS 7 : qemu-kvm (CESA-2015:1507)	28 Jul 201500:00	–	nessus
Tenable Nessus	Debian DSA-3348-1 : qemu - security update	3 Sep 201500:00	–	nessus
Tenable Nessus	Fedora 23 : qemu-2.4.0-1.fc23 (2015-13358)	24 Aug 201500:00	–	nessus
Tenable Nessus	Fedora 22 : qemu-2.3.1-1.fc22 (2015-13402)	18 Aug 201500:00	–	nessus

NVD

Node

qemu qemuRange≤2.3.0

linux linux_kernelRange≤2.6.32

Node

arista eosMatch4.12

arista eosMatch4.13

arista eosMatch4.14

arista eosMatch4.15

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

Node

lenovo emc_px12-400r_ivxRange<1.0.10.33264

lenovo emc_px12-450r_ivxRange<1.0.10.33264

Node

redhat openstackMatch5.0

redhat openstackMatch6.0

redhat virtualizationMatch3.0

redhat enterprise_linux_compute_node_eusMatch7.1

redhat enterprise_linux_compute_node_eusMatch7.2

redhat enterprise_linux_compute_node_eusMatch7.3

redhat enterprise_linux_compute_node_eusMatch7.4

redhat enterprise_linux_compute_node_eusMatch7.5

redhat enterprise_linux_compute_node_eusMatch7.6

redhat enterprise_linux_compute_node_eusMatch7.7

redhat enterprise_linux_for_power_big_endianMatch7.0

redhat enterprise_linux_for_power_big_endian_eusMatch7.1_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.2_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.3_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.4_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.5_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.6_ppc64

redhat enterprise_linux_for_power_big_endian_eusMatch7.7_ppc64

redhat enterprise_linux_for_scientific_computingMatch7.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.3

redhat enterprise_linux_server_ausMatch7.4

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_ausMatch7.7

redhat enterprise_linux_server_eusMatch7.1

redhat enterprise_linux_server_eusMatch7.2

redhat enterprise_linux_server_eusMatch7.3

redhat enterprise_linux_server_eusMatch7.4

redhat enterprise_linux_server_eusMatch7.5

redhat enterprise_linux_server_eusMatch7.6

redhat enterprise_linux_server_eusMatch7.7

redhat enterprise_linux_server_from_rhuiMatch7.0

redhat enterprise_linux_server_tusMatch7.3

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_server_tusMatch7.7

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.2

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.3

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.4

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.6

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch7.7

redhat enterprise_linux_workstationMatch7.0

Source	Link
github	www.github.com/torvalds/linux/commit/ee73f656a604d5aa9df86a97102e4e462dd79924
debian	www.debian.org/security/2015/dsa-3348
securitytracker	www.securitytracker.com/id/1032598
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
arista	www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13
rhn	www.rhn.redhat.com/errata/RHSA-2015-1512.html
openwall	www.openwall.com/lists/oss-security/2015/06/25/7
exploit-db	www.exploit-db.com/exploits/37990/
security	www.security.gentoo.org/glsa/201510-02
mail-archive	www.mail-archive.com/qemu-devel%40nongnu.org/msg304138.html

06 May 2026 22:30Current

6.3Medium risk

Vulners AI Score6.3

CVSS 26.9

EPSS0.01593

CWE-119