Информационная безопасность
[RU] switch to English


Уязвимости безопасности libvirt / qemu
дополнено с 5 мая 2015 г.
Опубликовано:17 мая 2015 г.
Источник:
SecurityVulns ID:14442
Тип:локальная
Уровень опасности:
6/10
Описание:Отказ при разборе Physical Region Descriptor Table, контроллере IDE и регистрах PCI. Выполнение кода.
Затронутые продукты:QEMU : qemu 1.6
 QEMU : qemu 2.1
CVE:CVE-2015-3456 (The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.)
 CVE-2015-2756 (QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.)
 CVE-2015-1779
 CVE-2014-9718 (The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.)
Оригинальный текстdocumentUBUNTU, [USN-2608-1] QEMU vulnerabilities (17.05.2015)
 documentMANDRIVA, [ MDVSA-2015:210 ] qemu (05.05.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород