Vulnerability Details : CVE-2015-5279
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2015-5279
- cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-5279
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 39 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-5279
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2015-5279
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5279
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169036.html
[SECURITY] Fedora 22 Update: qemu-2.3.1-5.fc22
-
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=7aa2bcad0ca837dd6d4bf4fa38a80314b4a6b755
git.qemu.org Git
-
http://rhn.redhat.com/errata/RHSA-2015-1924.html
RHSA-2015:1924 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-1923.html
RHSA-2015:1923 - Security Advisory - Red Hat Customer Portal
-
https://security.gentoo.org/glsa/201602-01
QEMU: Multiple vulnerabilities (GLSA 201602-01) — Gentoo security
-
http://rhn.redhat.com/errata/RHSA-2015-1896.html
RHSA-2015:1896 - Security Advisory - Red Hat Customer Portal
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Oracle Linux Bulletin - October 2015
-
http://www.debian.org/security/2015/dsa-3362
Debian -- Security Information -- DSA-3362-1 qemu-kvm
-
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
[security-announce] SUSE-SU-2015:1782-1: important: Security update for
-
http://www.debian.org/security/2015/dsa-3361
Debian -- Security Information -- DSA-3361-1 qemu
-
https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14
Security Advisory 0014 - Arista
-
http://www.openwall.com/lists/oss-security/2015/09/15/3
oss-security - CVE-2015-5279 Qemu: net: add checks to validate ring buffer pointers
-
http://www.securityfocus.com/bid/76746
QEMU NE2000 NIC Emulation Heap Based Buffer Overflow Vulnerability
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167369.html
[SECURITY] Fedora 23 Update: qemu-2.4.0-4.fc23
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html
[SECURITY] Fedora 21 Update: qemu-2.1.3-11.fc21
-
http://rhn.redhat.com/errata/RHSA-2015-1925.html
RHSA-2015:1925 - Security Advisory - Red Hat Customer Portal
-
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html
[Qemu-devel] [PULL 2/3] net: add checks to validate ring buffer pointers
-
http://www.securitytracker.com/id/1033569
QEMU Buffer Overflow in ne2000_receive() Lets Local Guest Users Deny Service or Execute Arbitrary Code on the Host System - SecurityTracker
Jump to