CVE-2015-3209
Advisory lineage Upstream: 0 Downstream: 15
Modified
Published: 15 Jun 2015, 15:00
Last modified:06 Aug 2024, 05:39
Vulnerability Summary
Overall Risk (default)
medium
34/100 CVSS Score
7.5 HIGH
v2.0 (nvd)
EPSS Score
18.02% MEDIUM
18% probability -2.55%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
15 Jun 2015, 15:00
Published
Vulnerability first disclosed
06 Aug 2024, 05:39
Last Modified
Vulnerability information updated
Description
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
CVSS Metrics
- v2.0•HIGH•Score: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 18.02%• Percentile: 95%
Techniques & Countermeasures
- CWE-787•Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
Affected Systems
- arista•eos
4.12 | 4.13 | 4.14 | 4.15
- canonical•ubuntu_linux
12.04 | 14.04 | 14.10 | 15.04
- debian•debian_linux
7.0 | 8.0
- fedoraproject•fedora
20 | 21 | 22
- juniper•junos_space
≤ 15.1
- qemu•qemu
≤ 2.3.1
- redhat•enterprise_linux_desktop
6.0
- redhat•enterprise_linux_eus
6.6
- redhat•enterprise_linux_server
5.0 | 6.0
- redhat•enterprise_linux_server_aus
6.6
- redhat•enterprise_linux_server_tus
6.6
- redhat•enterprise_linux_workstation
5.0 | 6.0
- redhat•openstack
5.0
- redhat•virtualization
3.0
- suse•linux_enterprise_debuginfo
11:sp2
- suse•linux_enterprise_desktop
11:sp3 | 12
- suse•linux_enterprise_server
10:sp4 | 11:sp1 | 11:sp2 | 11:sp3 | 12
- suse•linux_enterprise_software_development_kit
11:sp3 | 12
References (28)
- http://www.ubuntu.com/usn/USN-2630-1
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html
- http://rhn.redhat.com/errata/RHSA-2015-1087.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html
- https://kb.juniper.net/JSA10783
- http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160669.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
- http://www.debian.org/security/2015/dsa-3286
- http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160677.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html
- http://rhn.redhat.com/errata/RHSA-2015-1088.html
- http://rhn.redhat.com/errata/RHSA-2015-1089.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html
- https://security.gentoo.org/glsa/201510-02
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00014.html
- http://www.debian.org/security/2015/dsa-3284
- http://www.securityfocus.com/bid/75123
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html
- http://www.securitytracker.com/id/1032545
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html
- http://xenbits.xen.org/xsa/advisory-135.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html
- https://security.gentoo.org/glsa/201604-03
- http://rhn.redhat.com/errata/RHSA-2015-1189.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html
- http://www.debian.org/security/2015/dsa-3285
- https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13