Lucene search

PRIOn knowledge basePRION:CVE-2015-5225

HistoryNov 06, 2015 - 9:59 p.m.

Buffer overflow

2015-11-0621:59:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

38.1%

JSON

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.

CPENameOperatorVersion
fedoraeq22
fedoraeq23
fedoraeq21
qemule2.4.0
openstackeq5.0
openstackeq7.0
openstackeq6.0

Name	Operator	Version
fedora	eq	22
fedora	eq	23
fedora	eq	21
qemu	le	2.4.0
openstack	eq	5.0
openstack	eq	7.0
openstack	eq	6.0

References

rhn.redhat.com/errata/RHSA-2015-1772.html

rhn.redhat.com/errata/RHSA-2015-1837.html

www.debian.org/security/2015/dsa-3348

www.openwall.com/lists/oss-security/2015/08/21/6

www.securityfocus.com/bid/76506

www.securitytracker.com/id/1033547

lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165484.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/166798.html

lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html

lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html

security.gentoo.org/glsa/201602-01

8.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

38.1%

JSON

Related for PRION:CVE-2015-5225