Lucene search

PRIOn knowledge basePRION:CVE-2012-3515

HistoryNov 23, 2012 - 8:55 p.m.

Design/Logic Flaw

2012-11-2320:55:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

29.8%

JSON

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a “device model’s address space.”

CPENameOperatorVersion
ubuntu_linuxeq11.04
ubuntu_linuxeq11.10
ubuntu_linuxeq12.04
ubuntu_linuxeq10.04
debian_linuxeq7.0
debian_linuxeq6.0
opensuseeq11.4
opensuseeq12.2
opensuseeq12.1
qemult1.2.0

Name	Operator	Version
ubuntu_linux	eq	11.04
ubuntu_linux	eq	11.10
ubuntu_linux	eq	12.04
ubuntu_linux	eq	10.04
debian_linux	eq	7.0
debian_linux	eq	6.0
opensuse	eq	11.4
opensuse	eq	12.2
opensuse	eq	12.1
qemu	lt	1.2.0

Rows per page:

1-10 of 321

References

git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log

lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00016.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00026.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00027.html

lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html

lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html

lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html

lists.opensuse.org/opensuse-updates/2012-09/msg00051.html

lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html

rhn.redhat.com/errata/RHSA-2012-1233.html

rhn.redhat.com/errata/RHSA-2012-1234.html

rhn.redhat.com/errata/RHSA-2012-1235.html

rhn.redhat.com/errata/RHSA-2012-1236.html

rhn.redhat.com/errata/RHSA-2012-1262.html

rhn.redhat.com/errata/RHSA-2012-1325.html

secunia.com/advisories/50472

secunia.com/advisories/50528

secunia.com/advisories/50530

secunia.com/advisories/50632

secunia.com/advisories/50689

secunia.com/advisories/50860

secunia.com/advisories/50913

secunia.com/advisories/51413

secunia.com/advisories/55082

security.gentoo.org/glsa/glsa-201309-24.xml

support.citrix.com/article/CTX134708

wiki.xen.org/wiki/Security_Announcements

www.debian.org/security/2012/dsa-2543

www.debian.org/security/2012/dsa-2545

www.openwall.com/lists/oss-security/2012/09/05/10

www.securityfocus.com/bid/55413

www.ubuntu.com/usn/USN-1590-1

security.gentoo.org/glsa/201604-03