ALT-PU-2015-1542-1
Closed vulnerabilities
Published: 2015-06-15
BDU:2015-10394
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.5)
References:
Published: 2015-06-15
BDU:2015-10395
Уязвимость гипервизора Xen, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.5)
References:
Published: 2015-08-26
BDU:2015-11298
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (1.9)
References:
Published: 2015-06-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-3209
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
Severity: HIGH (7.5)
References:
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
- FEDORA-2015-10001
- FEDORA-2015-10001
- FEDORA-2015-9978
- FEDORA-2015-9978
- FEDORA-2015-9965
- FEDORA-2015-9965
- SUSE-SU-2015:1042
- SUSE-SU-2015:1042
- SUSE-SU-2015:1045
- SUSE-SU-2015:1045
- SUSE-SU-2015:1152
- SUSE-SU-2015:1152
- SUSE-SU-2015:1156
- SUSE-SU-2015:1156
- SUSE-SU-2015:1157
- SUSE-SU-2015:1157
- SUSE-SU-2015:1206
- SUSE-SU-2015:1206
- SUSE-SU-2015:1426
- SUSE-SU-2015:1426
- SUSE-SU-2015:1519
- SUSE-SU-2015:1519
- SUSE-SU-2015:1643
- SUSE-SU-2015:1643
- RHSA-2015:1087
- RHSA-2015:1087
- RHSA-2015:1088
- RHSA-2015:1088
- RHSA-2015:1089
- RHSA-2015:1089
- RHSA-2015:1189
- RHSA-2015:1189
- DSA-3284
- DSA-3284
- DSA-3285
- DSA-3285
- DSA-3286
- DSA-3286
- 75123
- 75123
- 1032545
- 1032545
- USN-2630-1
- USN-2630-1
- http://xenbits.xen.org/xsa/advisory-135.html
- http://xenbits.xen.org/xsa/advisory-135.html
- https://kb.juniper.net/JSA10783
- https://kb.juniper.net/JSA10783
- GLSA-201510-02
- GLSA-201510-02
- GLSA-201604-03
- GLSA-201604-03
- https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13
- https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13
Published: 2015-08-26
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-4037
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
Severity: LOW (1.9)
References:
- FEDORA-2015-9601
- FEDORA-2015-9601
- FEDORA-2015-9599
- FEDORA-2015-9599
- SUSE-SU-2015:1152
- SUSE-SU-2015:1152
- SUSE-SU-2015:1519
- SUSE-SU-2015:1519
- openSUSE-SU-2015:1965
- openSUSE-SU-2015:1965
- DSA-3284
- DSA-3284
- DSA-3285
- DSA-3285
- [oss-security] 20150513 QEMU 2.3.0 tmp vulns CVE request
- [oss-security] 20150513 QEMU 2.3.0 tmp vulns CVE request
- [oss-security] 20150516 Re: QEMU 2.3.0 tmp vulns CVE request
- [oss-security] 20150516 Re: QEMU 2.3.0 tmp vulns CVE request
- [oss-security] 20150523 Re: QEMU 2.3.0 tmp vulns CVE request
- [oss-security] 20150523 Re: QEMU 2.3.0 tmp vulns CVE request
- 74809
- 74809
- 1032547
- 1032547
- USN-2630-1
- USN-2630-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1222892
- https://bugzilla.redhat.com/show_bug.cgi?id=1222892