Qemu: OOB access in address_space_rw leads to segmentation fault

🗓️ 07 Nov 2016 18:14:15Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 2 Views

QEMU out-of-bounds access in address space translate can crash a guest during direct memory access.

Reporter	Title	Published	Views	Family All 66
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Qemu affect PowerKVM	18 Jun 201801:35	–	ibm
CNVD	QEMU Denial of Service Vulnerability (CNVD-2016-01943)	30 Mar 201600:00	–	cnvd
CNVD	QEMU Denial of Service Vulnerability (CNVD-2016-01944)	30 Mar 201600:00	–	cnvd
CVE	CVE-2015-8818	29 Dec 201622:00	–	cve
Cvelist	CVE-2015-8818	29 Dec 201622:00	–	cvelist
Debian CVE	CVE-2015-8818	29 Dec 201622:00	–	debiancve
EUVD	EUVD-2015-8684	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 23 Update: xen-4.5.2-9.fc23	20 Mar 201602:32	–	fedora
Fedora	[SECURITY] Fedora 22 Update: xen-4.5.2-9.fc22	19 Mar 201621:28	–	fedora
Tenable Nessus	Fedora 22 : xen-4.5.2-9.fc22 (2016-38b20aa50f)	21 Mar 201600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	7	x86_64	qemu-img-rhev	10:2.6.0-27.el7	qemu-img-rhev-10:2.6.0-27.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	qemu-kvm-common-rhev	10:2.6.0-27.el7	qemu-kvm-common-rhev-10:2.6.0-27.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	qemu-kvm-rhev	10:2.6.0-27.el7	qemu-kvm-rhev-10:2.6.0-27.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	qemu-kvm-rhev-debuginfo	10:2.6.0-27.el7	qemu-kvm-rhev-debuginfo-10:2.6.0-27.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	qemu-kvm-tools-rhev	10:2.6.0-27.el7	qemu-kvm-tools-rhev-10:2.6.0-27.el7.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2015-8818
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-8818
cve	www.cve.org/CVERecord

21 Nov 2025 17:58Current

7.3High risk

Vulners AI Score7.3

CVSS 22.1

CVSS 3.15.5

EPSS0.00407

qemu address space translate memory region section out of bounds access denial of service