The code in qemu which emulates a floppy disk controller did not correctly bounds check accesses to an array and therefore was vulnerable to a buffer overflow attack.

IMPACT

A guest which has access to an emulated floppy device can exploit this vulnerability to take over the qemu process elevating its privilege to that of the qemu process.

VULNERABLE SYSTEMS

All Xen systems running x86 HVM guests without stubdomains are vulnerable to this depending on the specific guest configuration. The default configuration is vulnerable.
Guests using either the traditional “qemu-xen” or upstream qemu device models are vulnerable.
Guests using a qemu-dm stubdomain to run the device model are only vulnerable to takeover of that service domain.
Systems running only x86 PV guests are not vulnerable.
ARM systems are not vulnerable.

checkpoint_security 1

archlinux 1

lenovo 2

redhat 9

osv 6

altlinux 1

fedora 17

openvas 49

suse 13

nessus 56

fortinet 1

freebsd 1

huawei 1

debian 6

threatpost 3

ibm 4

oraclelinux 4

f5 2

arista 1

mageia 3

centos 4

ubuntucve 1

myhack58 1

prion 1

veracode 1

cve 1

thn 2

symantec 1

debiancve 1

securityvulns 2

ubuntu 1

gentoo 2

checkpoint_security

Check Point response to CVE-2015-3456 (VENOM)

2015-05-12 21:00:00

archlinux

qemu: arbitrary code execution

2015-05-14 00:00:00

lenovo

Venom

2017-01-23 00:00:00

Venom - Lenovo Support US

2017-01-23 00:00:00

redhat

(RHSA-2015:1011) Important: rhev-hypervisor security update

2015-05-15 00:00:00

(RHSA-2015:1031) Important: qemu-kvm security update

2015-05-27 00:00:00

(RHSA-2015:1001) Important: qemu-kvm-rhev security update

2015-05-13 00:00:00

osv

virtualbox - security update

2015-05-28 00:00:00

xen - security update

2015-05-18 00:00:00

qemu-kvm - security update

2015-06-19 00:00:00

altlinux

Security fix for the ALT Linux 7 package qemu version 1.4.0-alt1.1.M70P.1

2015-05-15 00:00:00

fedora

[SECURITY] Fedora 22 Update: xen-4.5.0-9.fc22

2015-05-26 03:43:40

[SECURITY] Fedora 22 Update: qemu-2.3.0-4.fc22

2015-05-26 03:41:20

[SECURITY] Fedora 22 Update: qemu-2.3.0-5.fc22

2015-06-11 18:35:42

openvas

Debian Security Advisory DSA 3262-1 (xen - security update)

2015-05-18 00:00:00

RedHat Update for xen RHSA-2015:1002-01

2015-06-09 00:00:00

Oracle Linux Local Check: ELSA-2015-0999

2015-10-06 00:00:00

suse

Security update for KVM (important)

2015-05-16 00:04:49

Security update for qemu (important)

2015-05-18 14:04:51

Security update for Xen (important)

2015-05-26 14:06:51

nessus

Oracle Linux 7 : qemu-kvm (ELSA-2015-0999) (Venom)

2015-05-14 00:00:00

CentOS 5 : xen (CESA-2015:1002) (Venom)

2015-05-13 00:00:00

RHEL 7 : qemu-kvm (RHSA-2015:0999) (Venom)

2015-05-13 00:00:00

fortinet

CVE-2015-3456 "VENOM" vulnerability

2015-05-19 00:00:00

freebsd

qemu, xen and VirtualBox OSE -- possible VM escape and code execution ("VENOM")

2015-04-29 00:00:00

huawei

Security Advisory - VENOM Vulnerability in Huawei Products

2015-06-09 00:00:00

debian

[SECURITY] [DLA 248-1] qemu security update

2015-06-19 15:05:33

[SECURITY] [DSA 3262-1] xen security update

2015-05-18 21:29:25

[SECURITY] [DLA 249-1] qemu-kvm security update

2015-06-19 15:19:48

threatpost

Oracle Patches VENOM Vulnerability

2015-05-18 10:49:00

Flaw in Virtualization Software Could Lead to VM Escapes, Data Theft

2015-05-13 09:34:43

Oracle Patches Java Zero Day

2015-07-15 09:44:12

ibm

Security Bulletin:Venom qemu vulnerability affects PowerKVM (CVE-2015-3456)

2018-06-18 01:28:20

Security Bulletin: Venom vulnerability affects IBM SmartCloud Provisioning 2.1 for IBM Software Virtual Appliance

2018-06-17 22:30:13

Security Bulletin: Venom vulnerability affects IBM Flex System Manager (FSM) (CVE-2015-3456)

2019-01-31 02:10:01

oraclelinux

qemu-kvm security update

2015-05-13 00:00:00

kvm security update

2015-05-13 00:00:00

xen security update

2015-05-13 00:00:00

SOL16620 - QEMU vulnerability CVE-2015-3456

2015-05-13 00:00:00

K16620 : QEMU vulnerability CVE-2015-3456

2015-10-03 00:00:00

arista

Security Advisory 0010

2015-05-14 00:00:00

mageia

Updated virtualbox packages fix security vulnerabilities

2015-05-15 21:23:49

Updated qemu packages fix CVE-2015-3456

2015-05-13 18:54:07

Updated xen packages fix security vulnerabilities

2016-03-07 14:20:30

centos

qemu security update

2015-05-13 15:37:07

xen security update

2015-05-13 15:16:55

libcacard, qemu security update

2015-05-13 16:57:36

ubuntucve

CVE-2015-3456

2015-05-13 00:00:00

myhack58

Vulnerability warning:“venom（VENOM”the vulnerability affects millions worldwide virtual machine security-vulnerability warning-the black bar safety net

2015-05-15 00:00:00

prion

Out-of-bounds

2015-05-13 18:59:00

veracode

Denial Of Service (DoS)

2019-01-15 09:05:54

cve

CVE-2015-3456

2015-05-13 18:59:00

thn

Why You Should Consider QEMU Live Patching

2021-09-23 11:16:00

Venom Vulnerability Exposes Most Data Centers to Cyber Attacks

2015-05-14 05:32:00

symantec

SA95 : VENOM Vulnerability in Virtualization Platforms

2015-05-15 08:00:00

debiancve

CVE-2015-3456

2015-05-13 18:59:00

securityvulns

[USN-2608-1] QEMU vulnerabilities

2015-05-17 00:00:00

libvirt / qemu security vulnerabilities

2015-05-17 00:00:00

ubuntu

QEMU vulnerabilities

2015-05-13 00:00:00

gentoo

VirtualBox: Multiple vulnerabilities

2016-12-11 00:00:00

QEMU: Multiple vulnerabilities

2016-02-04 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.7 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

40.1%

JSON

Related for XSA-133