Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM95B7B3979FC49D7BDE916B55817117EE4921D7D95F322B44E9B8A81102041520
HistoryJun 18, 2018 - 1:29 a.m.

Security Bulletin: Vulnerabilities in Qemu affect PowerKVM (Multiple Vulnerabilities)

2018-06-1801:29:41
www.ibm.com
22

EPSS

0.003

Percentile

71.5%

JSON

Summary

PowerKVM is affected by six vulnerabilities in Qemu. These vulnerabilities are now fixed.

Vulnerability Details

CVEID: CVE-2015-5154**
DESCRIPTION:** QEMU is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the IDE subsystem while processing ATAPI commands. A local attacker on a guest system with CDROM drive enabled could overflow a buffer and execute arbitrary code on the host system with the privileges of the QEMU process assigned to the guest system.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/105114 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L)

CVEID: CVE-2015-5158**
DESCRIPTION:** QEMU, built with the SCSI device emulation support, is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing SCSI command descriptor block with an invalid operation code. A local authenticated attacker could exploit this vulnerability to overflow a buffer and cause the Qemu instance to crash.
CVSS Base Score: 4.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/105008 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2015-5225**
DESCRIPTION:** QEMU is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the vnc_refresh_server_surface() function. A local attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the host system or cause the QEMU process to crash.
CVSS Base Score: 5.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106397 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L)

CVEID: CVE-2015-5278**
DESCRIPTION:** Qemu is vulnerable to a denial of service, caused by an error in the ne2000_receive() function. By sending specially crafted packets, a remote attacker from within the local network could exploit this vulnerability to cause the application to enter into an infinite loop and crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106361 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-5279**
DESCRIPTION:** Qemu is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the ne2000_receive() function. By sending specially crafted packets, a remote attacker from within the local network could overflow a buffer and execute arbitrary code on the system or cause the Qemu instance to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106356 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2015-6815**
DESCRIPTION:** Qemu, built with the e1000 NIC emulation support, is vulnerable to a denial of service, caused by an error when processing transmit descriptor data. By sending a specially crafted network packet, a remote authenticated attacker from within the local network could exploit this vulnerability to trigger an infinite loop and cause the application to crash.
CVSS Base Score: 3.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106249 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

PowerKVM 2.1

Remediation/Fixes

Fix is made available via Fix Central (https://ibm.biz/BdEnT8) in 2.1.1 Build 65.1 and all later 2.1.1 SP3 service builds and 2.1.1 fix packs. For systems currently running fix levels of PowerKVM prior to 2.1.1, please see <http://download4.boulder.ibm.com/sar/CMA/OSA/05e4c/0/README&gt; for prerequisite fixes and instructions. Customers can also update from 2.1.1 (GA and later levels) by using “yum update”.

Workarounds and Mitigations

None

Related

fedora 11
openvas 39
nessus 54
osv 3
debian 6
freebsd 5
securityvulns 4
ubuntu 2
arista 1
suse 8
mageia 2
f5 2
archlinux 1
gentoo 1
ubuntucve 6
prion 6
cvelist 6
centos 4
oraclelinux 4
redhat 10
veracode 3
nvd 6
ibm 1
cve 6
debiancve 6
xen 1
threatpost 1
fedora
fedora
[SECURITY] Fedora 21 Update: qemu-2.1.3-11.fc21
2015-10-09 11:22:14
[SECURITY] Fedora 23 Update: qemu-2.4.0-4.fc23
2015-09-24 05:25:32
[SECURITY] Fedora 22 Update: qemu-2.3.1-5.fc22
2015-10-09 10:30:39
openvas
openvas
Fedora Update for qemu FEDORA-2015-16368
2015-10-13 00:00:00
Fedora Update for qemu FEDORA-2015-16369
2015-10-13 00:00:00
Debian: Security Advisory (DSA-3361-1)
2015-09-17 00:00:00
nessus
nessus
Fedora 21 : qemu-2.1.3-11.fc21 (2015-16368)
2015-10-12 00:00:00
Fedora 22 : qemu-2.3.1-5.fc22 (2015-16369)
2015-10-12 00:00:00
Fedora 23 : qemu-2.4.0-4.fc23 (2015-16370)
2015-09-24 00:00:00
osv
osv
qemu - security update
2015-09-18 00:00:00
qemu-kvm - security update
2015-09-18 00:00:00
qemu - security update
2015-09-02 00:00:00
debian
debian
[SECURITY] [DSA 3361-1] qemu security update
2015-09-18 20:09:18
[SECURITY] [DSA 3362-1] qemu-kvm security update
2015-09-18 20:09:30
[SECURITY] [DSA 3361-1] qemu security update
2015-09-18 20:09:18
freebsd
freebsd
qemu -- denial of service vulnerabilities in NE2000 NIC support
2015-09-15 00:00:00
qemu -- buffer overflow vulnerability in VNC
2015-08-17 00:00:00
qemu -- denial of service vulnerability in e1000 NIC support
2015-09-04 00:00:00
securityvulns
securityvulns
[USN-2745-1] QEMU vulnerabilities
2015-10-12 00:00:00
libvirt / qemu multiple security vulnerabilities
2015-10-12 00:00:00
[USN-2692-1] QEMU vulnerabilities
2015-08-03 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2015-09-24 00:00:00
QEMU vulnerabilities
2015-07-28 00:00:00
arista
arista
Security Advisory 0014
2015-09-23 00:00:00
suse
suse
Security update for qemu (important)
2015-10-20 10:09:58
Security update for kvm (important)
2015-08-31 10:09:59
Security update for kvm (important)
2015-08-20 13:09:25
mageia
mageia
Updated qemu packages fixes security vulnerabilities
2015-10-14 01:40:25
Updated qemu packages fix security vulnerabilities
2015-09-15 17:55:06
f5
f5
K17057 : QEMU vulnerabilities CVE-2015-3214, CVE-2015-5154, and CVE-2015-5158
2015-08-03 00:00:00
SOL17057 - QEMU vulnerabilities CVE-2015-3214, CVE-2015-5154, and CVE-2015-5158
2015-08-03 00:00:00
archlinux
archlinux
qemu: multiple issues
2015-07-29 00:00:00
gentoo
gentoo
QEMU: Arbitrary code execution
2015-10-31 00:00:00
ubuntucve
ubuntucve
CVE-2015-6815
2015-09-08 00:00:00
CVE-2015-5279
2015-09-15 00:00:00
CVE-2015-5225
2015-08-25 00:00:00
prion
prion
Buffer overflow
2015-11-06 21:59:00
Heap overflow
2015-09-28 16:59:00
Design/Logic Flaw
2020-01-31 22:15:00
cvelist
cvelist
CVE-2015-6815
2020-01-31 21:38:47
CVE-2015-5279
2015-09-28 16:00:00
CVE-2015-5225
2015-11-06 21:00:00
centos
centos
kmod, kvm security update
2015-10-22 19:35:05
xen security update
2015-11-16 20:32:24
qemu security update
2015-10-22 19:30:36
oraclelinux
oraclelinux
kvm security update
2015-10-22 00:00:00
xen security update
2015-11-16 00:00:00
qemu-kvm security update
2015-10-22 00:00:00
redhat
redhat
(RHSA-2015:1896) Important: qemu-kvm-rhev security update
2015-10-15 12:09:44
(RHSA-2015:1923) Important: qemu-kvm-rhev security update
2015-10-22 00:00:00
(RHSA-2015:2065) Important: xen security update
2015-11-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:56
Denial Of Service (DoS)
2019-01-15 09:07:39
Heap-Based Buffer Overflow
2019-05-02 05:41:34
nvd
nvd
CVE-2015-5279
2015-09-28 16:59:02
CVE-2015-6815
2020-01-31 22:15:11
CVE-2015-5225
2015-11-06 21:59:05
ibm
ibm
Security Bulletin: Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:33:00
cve
cve
CVE-2015-6815
2020-01-31 22:15:11
CVE-2015-5279
2015-09-28 16:59:02
CVE-2015-5225
2015-11-06 21:59:05
debiancve
debiancve
CVE-2015-5279
2015-09-28 16:59:02
CVE-2015-6815
2020-01-31 22:15:11
CVE-2015-5278
2020-01-23 20:15:11
xen
xen
QEMU heap overflow flaw while processing certain ATAPI commands.
2015-07-27 12:00:00
threatpost
threatpost
Xen Patches VM Escape Flaw
2015-07-31 09:21:27

EPSS

0.003

Percentile

71.5%

JSON
Related for 95B7B3979FC49D7BDE916B55817117EE4921D7D95F322B44E9B8A81102041520
fedora11openvas39nessus54osv3debian6freebsd5securityvulns4ubuntu2arista1suse8mageia2f52archlinux1gentoo1ubuntucve6prion6cvelist6centos4oraclelinux4redhat10veracode3nvd6ibm1cve6debiancve6xen1threatpost1