Lucene search
Ubuntu.comUB:CVE-2015-5225HistoryAug 25, 2015 - 12:00 a.m.
CVE-2015-5225
2015-08-2500:00:00
ubuntu.com
ubuntu.com
15
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
39.6%
Buffer overflow in the vnc_refresh_server_surface function in the VNC
display driver in QEMU before 2.4.0.1 allows guest users to cause a denial
of service (heap memory corruption and process crash) or possibly execute
arbitrary code on the host via unspecified vectors, related to refreshing
the server display surface.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=1255896>
- <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796465>
Notes
| Author | Note |
|---|---|
| mdeslaur | introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=bea60dd7679364493a0d7f5b so precise and trusty are not affected |
Related
nessus
nessus
Fedora 22 : qemu-2.3.1-3.fc22 (2015-15364)
2015-09-21 00:00:00
FreeBSD : qemu -- buffer overflow vulnerability in VNC (2b3b4c27-b0c7-11e5-8d13-bc5ff45d0f28)
2016-01-04 00:00:00
Fedora 23 : qemu-2.4.0-2.fc23 (2015-14783)
2015-09-04 00:00:00
prion
prion
Buffer overflow
2015-11-06 21:59:00
openvas
openvas
Fedora Update for qemu FEDORA-2015-15364
2015-09-19 00:00:00
Mageia: Security Advisory (MGASA-2015-0369)
2015-10-15 00:00:00
Ubuntu: Security Advisory (USN-2724-1)
2015-08-28 00:00:00
nvd
nvd
CVE-2015-5225
2015-11-06 21:59:05
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:39
redhat
redhat
(RHSA-2015:1772) Important: qemu-kvm-rhev security update
2015-09-14 00:00:00
(RHSA-2015:1837) Important: qemu-kvm-rhev security update
2015-09-24 14:06:32
cvelist
cvelist
CVE-2015-5225
2015-11-06 21:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: qemu-2.3.1-3.fc22
2015-09-18 20:54:59
[SECURITY] Fedora 23 Update: qemu-2.4.0-2.fc23
2015-09-04 03:30:55
[SECURITY] Fedora 21 Update: qemu-2.1.3-11.fc21
2015-10-09 11:22:14
cve
cve
CVE-2015-5225
2015-11-06 21:59:05
debiancve
debiancve
CVE-2015-5225
2015-11-06 21:59:05
freebsd
freebsd
qemu -- buffer overflow vulnerability in VNC
2015-08-17 00:00:00
mageia
mageia
Updated qemu packages fix security vulnerabilities
2015-09-15 17:55:06
debian
debian
[SECURITY] [DSA 3348-1] qemu security update
2015-09-02 16:22:30
[SECURITY] [DSA 3348-1] qemu security update
2015-09-02 16:22:30
osv
osv
qemu - security update
2015-09-02 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2015-08-27 00:00:00
securityvulns
securityvulns
[USN-2724-1] QEMU vulnerabilities
2015-08-31 00:00:00
libvirt / qemu multiple security vulnerabilities
2015-08-31 00:00:00
ibm
ibm
oraclelinux
oraclelinux
qemu-kvm security, bug fix, and enhancement update
2017-08-07 00:00:00
gentoo
gentoo
QEMU: Multiple vulnerabilities
2016-02-04 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
39.6%
Related for UB:CVE-2015-5225