Vulnerability Details : CVE-2015-5225
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Products affected by CVE-2015-5225
- cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-5225
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 38 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-5225
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2015-5225
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5225
-
http://www.securityfocus.com/bid/76506
QEMU CVE-2015-5225 Heap Based Buffer Overflow Vulnerability
-
http://rhn.redhat.com/errata/RHSA-2015-1837.html
RHSA-2015:1837 - Security Advisory - Red Hat Customer Portal
-
https://security.gentoo.org/glsa/201602-01
QEMU: Multiple vulnerabilities (GLSA 201602-01) — Gentoo security
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166798.html
[SECURITY] Fedora 22 Update: qemu-2.3.1-3.fc22
-
http://rhn.redhat.com/errata/RHSA-2015-1772.html
RHSA-2015:1772 - Security Advisory - Red Hat Customer Portal
-
https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html
[Qemu-devel] [PATCH] vnc: fix memory corruption (CVE-2015-5225)
-
http://www.securitytracker.com/id/1033547
QEMU VNC Heap Overflow Lets Local Guest System Users Deny Service or Gain Privileges on the Host System - SecurityTracker
-
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html
[Qemu-devel] [ANNOUNCE] QEMU 2.4.0.1 CVE update releasedPatch;Vendor Advisory
-
http://www.openwall.com/lists/oss-security/2015/08/21/6
oss-security - CVE-2015-5225 Qemu: ui: vnc: heap memory corruption issue
-
http://www.debian.org/security/2015/dsa-3348
Debian -- Security Information -- DSA-3348-1 qemu
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html
[SECURITY] Fedora 21 Update: qemu-2.1.3-11.fc21
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165484.html
[SECURITY] Fedora 23 Update: qemu-2.4.0-2.fc23
Jump to