Lucene search

[email protected]CVE-2015-3214

HistoryAug 31, 2015 - 10:59 a.m.

CVE-2015-3214

2015-08-3110:59:07

CWE-119

[email protected]

web.nvd.nist.gov

113

cve-2015-3214

linux kernel

qemu

i8254.c

security vulnerability

arbitrary code execution

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.4%

JSON

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.

Affected configurations

NVD

Node

qemuqemuRange≤2.3.0

linuxlinux_kernelRange≤2.6.32

Node

aristaeosMatch4.12

aristaeosMatch4.13

aristaeosMatch4.14

aristaeosMatch4.15

Node

debiandebian_linuxMatch7.0

debiandebian_linuxMatch8.0

Node

lenovoemc_px12-400r_ivxRange<1.0.10.33264

lenovoemc_px12-450r_ivxRange<1.0.10.33264

Node

redhatopenstackMatch5.0

redhatopenstackMatch6.0

redhatvirtualizationMatch3.0

redhatenterprise_linux_compute_node_eusMatch7.1

redhatenterprise_linux_compute_node_eusMatch7.2

redhatenterprise_linux_compute_node_eusMatch7.3

redhatenterprise_linux_compute_node_eusMatch7.4

redhatenterprise_linux_compute_node_eusMatch7.5

redhatenterprise_linux_compute_node_eusMatch7.6

redhatenterprise_linux_compute_node_eusMatch7.7

redhatenterprise_linux_for_power_big_endianMatch7.0

redhatenterprise_linux_for_power_big_endian_eusMatch7.1_ppc64

redhatenterprise_linux_for_power_big_endian_eusMatch7.2_ppc64

redhatenterprise_linux_for_power_big_endian_eusMatch7.3_ppc64

redhatenterprise_linux_for_power_big_endian_eusMatch7.4_ppc64

redhatenterprise_linux_for_power_big_endian_eusMatch7.5_ppc64

redhatenterprise_linux_for_power_big_endian_eusMatch7.6_ppc64

redhatenterprise_linux_for_power_big_endian_eusMatch7.7_ppc64

redhatenterprise_linux_for_scientific_computingMatch7.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch7.3

redhatenterprise_linux_server_ausMatch7.4

redhatenterprise_linux_server_ausMatch7.6

redhatenterprise_linux_server_ausMatch7.7

redhatenterprise_linux_server_eusMatch7.1

redhatenterprise_linux_server_eusMatch7.2

redhatenterprise_linux_server_eusMatch7.3

redhatenterprise_linux_server_eusMatch7.4

redhatenterprise_linux_server_eusMatch7.5

redhatenterprise_linux_server_eusMatch7.6

redhatenterprise_linux_server_eusMatch7.7

redhatenterprise_linux_server_from_rhuiMatch7.0

redhatenterprise_linux_server_tusMatch7.3

redhatenterprise_linux_server_tusMatch7.6

redhatenterprise_linux_server_tusMatch7.7

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch7.2

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch7.3

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch7.4

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch7.6

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch7.7

redhatenterprise_linux_workstationMatch7.0

CPENameOperatorVersion
qemu:qemuqemule2.3.0
linux:linux_kernellinux linux kernelle2.6.32

CPE	Name	Operator	Version
qemu:qemu	qemu	le	2.3.0
linux:linux_kernel	linux linux kernel	le	2.6.32

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee73f656a604d5aa9df86a97102e4e462dd79924

mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33

rhn.redhat.com/errata/RHSA-2015-1507.html

rhn.redhat.com/errata/RHSA-2015-1508.html

rhn.redhat.com/errata/RHSA-2015-1512.html

www.debian.org/security/2015/dsa-3348

www.openwall.com/lists/oss-security/2015/06/25/7

www.securityfocus.com/bid/75273

www.securitytracker.com/id/1032598

bugzilla.redhat.com/show_bug.cgi?id=1229640

github.com/torvalds/linux/commit/ee73f656a604d5aa9df86a97102e4e462dd79924

security.gentoo.org/glsa/201510-02

support.lenovo.com/product_security/qemu

support.lenovo.com/us/en/product_security/qemu

www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13

www.exploit-db.com/exploits/37990/

www.mail-archive.com/qemu-devel%40nongnu.org/msg304138.html

Social References

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.4%

JSON

Related for CVE-2015-3214

nessus16 prion1 nvd1 debiancve1 ubuntucve1 cvelist1 zdt1 veracode2 freebsd1 lenovo1 redhat3 centos1 ibm1 oraclelinux1 openvas14 f52 archlinux1 ubuntu1 securityvulns2 gentoo1 osv1 fedora3 debian2 arista1 mageia1 suse3