ID

VAR-201506-0038


CVE

CVE-2015-3209


TITLE

Heap-based buffer overflow vulnerability in the PCNET controller of QEMU

Trust: 0.8

sources: JVNDB: JVNDB-2015-003134

DESCRIPTION

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. QEMU (also known as Quick Emulator) is processor emulation software developed by French programmer Fabrice Bellard. The software is fast and cross-platform.

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: qemu-kvm security update
Advisory ID:       RHSA-2015:1087-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2015-1087.html
Issue date:        2015-06-10
CVE Names:         CVE-2015-3209
=====================================================================

1. Summary:

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM.

A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes.
(CVE-2015-3209)

Red Hat would like to thank Matt Tait of Google's Project Zero security team for reporting this issue.

All qemu-kvm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1225882 - CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
qemu-kvm-0.12.1.2-2.448.el6_6.4.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-img-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.448.el6_6.4.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.448.el6_6.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2015-3209
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2015 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

.

5 client) - x86_64
RHEL Virtualization (v. 5 server) - x86_64

3. Note: The procedure in the Solution section must be performed before this update will take effect.
2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.

5 client):

Source:
kvm-83-273.el5_11.src.rpm

x86_64:
kmod-kvm-83-273.el5_11.x86_64.rpm
kmod-kvm-debug-83-273.el5_11.x86_64.rpm
kvm-83-273.el5_11.x86_64.rpm
kvm-debuginfo-83-273.el5_11.x86_64.rpm
kvm-qemu-img-83-273.el5_11.x86_64.rpm
kvm-tools-83-273.el5_11.x86_64.rpm

RHEL Virtualization (v.

CVE-2015-4037

    Kurt Seifried of Red Hat Product Security discovered that QEMU's user mode networking stack uses predictable temporary file names when the -smb option is used.

CVE-2015-4163

    Jan Beulich discovered that a missing version check in the GNTTABOP_swap_grant_ref hypercall handler may result in denial of service. This only applies to Debian stable/jessie.

CVE-2015-4164

    Andrew Cooper discovered a vulnerability in the iret hypercall handler, which may result in denial of service.

For the oldstable distribution (wheezy), these problems have been fixed in version 4.1.4-3+deb7u8.

For the stable distribution (jessie), these problems have been fixed in version 4.4.1-9+deb8u1. CVE-2015-3209, CVE-2015-4103, CVE-2015-4104, CVE-2015-4105 and CVE-2015-4106 don't affect the Xen package in stable jessie, it uses the standard qemu package and has already been fixed in DSA-3284-1.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your xen packages.
From: Yury German <blueknight@gentoo.org>
To: gentoo-announce@lists.gentoo.org
Message-ID: <57035F2D.8090108@gentoo.org>
Subject: [ GLSA 201604-03 ] Xen: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201604-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Xen: Multiple vulnerabilities
     Date: April 05, 2016
     Bugs: #445254, #513832, #547202, #549200, #549950, #550658,
           #553664, #553718, #555532, #556304, #561110, #564472,
           #564932, #566798, #566838, #566842, #567962, #571552,
           #571556, #574012
       ID: 201604-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Xen, the worst of which cause a Denial of Service.

Background
==========

Xen is a bare-metal hypervisor.

Affected packages
=================

    -------------------------------------------------------------------
     Package                   /     Vulnerable     /       Unaffected
    -------------------------------------------------------------------
  1  app-emulation/xen             < 4.6.0-r9             >= 4.6.0-r9
                                                         *>= 4.5.2-r5
  2  app-emulation/xen-pvgrub      < 4.6.0                Vulnerable!
  3  app-emulation/xen-tools       < 4.6.0-r9             >= 4.6.0-r9
                                                         *>= 4.5.2-r5
  4  app-emulation/pvgrub                                 >= 4.6.0
                                                         *>= 4.5.2
    -------------------------------------------------------------------
     NOTE: Certain packages are still vulnerable. Users should migrate
           to another package if one is available or wait for the
           existing packages to be marked stable by their
           architecture maintainers.
    -------------------------------------------------------------------
     4 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.

Workaround
==========

There is no known workaround at this time.
Resolution
==========

All Xen 4.5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.5.2-r5"

All Xen 4.6 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.6.0-r9"

All Xen tools 4.5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.5.2-r5"

All Xen tools 4.6 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.6.0-r9"

All Xen pvgrub users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-emulation/xen-pvgrub-4.6.0"

References
==========

[ 1 ] CVE-2012-3494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494
[ 2 ] CVE-2012-3495 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495
[ 3 ] CVE-2012-3496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496
[ 4 ] CVE-2012-3497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497
[ 5 ] CVE-2012-3498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498
[ 6 ] CVE-2012-3515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515
[ 7 ] CVE-2012-4411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411
[ 8 ] CVE-2012-4535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535
[ 9 ] CVE-2012-4536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536
[ 10 ] CVE-2012-4537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537
[ 11 ] CVE-2012-4538 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538
[ 12 ] CVE-2012-4539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539
[ 13 ] CVE-2012-6030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030
[ 14 ] CVE-2012-6031 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031
[ 15 ] CVE-2012-6032 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032
[ 16 ] CVE-2012-6033 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033
[ 17 ] CVE-2012-6034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034
[ 18 ] CVE-2012-6035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035
[ 19 ] CVE-2012-6036 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036
[ 20 ] CVE-2015-2151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2151
[ 21 ] CVE-2015-3209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3209
[ 22 ] CVE-2015-3259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3259
[ 23 ] CVE-2015-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3340
[ 24 ] CVE-2015-3456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456
[ 25 ] CVE-2015-4103 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4103
[ 26 ] CVE-2015-4104 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4104
[ 27 ] CVE-2015-4105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4105
[ 28 ] CVE-2015-4106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4106
[ 29 ] CVE-2015-4163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4163
[ 30 ] CVE-2015-4164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4164
[ 31 ] CVE-2015-5154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5154
[ 32 ] CVE-2015-7311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7311
[ 33 ] CVE-2015-7504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504
[ 34 ] CVE-2015-7812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7812
[ 35 ] CVE-2015-7813 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7813
[ 36 ] CVE-2015-7814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7814
[ 37 ] CVE-2015-7835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7835
[ 38 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871
[ 39 ] CVE-2015-7969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7969
[ 40 ] CVE-2015-7970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7970
[ 41 ] CVE-2015-7971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7971
[ 42 ] CVE-2015-7972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7972
[ 43 ] CVE-2015-8339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8339
[ 44 ] CVE-2015-8340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8340
[ 45 ] CVE-2015-8341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8341
[ 46 ] CVE-2015-8550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8550
[ 47 ] CVE-2015-8551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8551
[ 48 ] CVE-2015-8552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8552
[ 49 ] CVE-2015-8554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8554
[ 50 ] CVE-2015-8555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8555
[ 51 ] CVE-2016-2270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2270
[ 52 ] CVE-2016-2271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2271

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201604-03

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

.

Relevant releases/architectures:

RHEV Agents (vdsm) - x86_64

3.

============================================================================
Ubuntu Security Notice USN-2630-1
June 10, 2015

qemu, qemu-kvm vulnerabilities
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in QEMU.

Software Description:
- qemu: Machine emulator and virtualizer
- qemu-kvm: Machine emulator and virtualizer

Details:

Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver.
In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. (CVE-2015-3209)

Kurt Seifried discovered that QEMU incorrectly handled certain temporary files. A local attacker could use this issue to cause a denial of service. (CVE-2015-4037)

Jan Beulich discovered that the QEMU Xen code incorrectly restricted write access to the host MSI message data field. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4103)

Jan Beulich discovered that the QEMU Xen code incorrectly restricted access to the PCI MSI mask bits. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4104)

Jan Beulich discovered that the QEMU Xen code incorrectly handled MSI-X error messages. A malicious guest could use this issue to cause a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-4105)

Jan Beulich discovered that the QEMU Xen code incorrectly restricted write access to the PCI config space. A malicious guest could use this issue to cause a denial of service, obtain sensitive information, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04.
(CVE-2015-4106)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 15.04:
  qemu-system                     1:2.2+dfsg-5expubuntu9.2
  qemu-system-aarch64             1:2.2+dfsg-5expubuntu9.2
  qemu-system-arm                 1:2.2+dfsg-5expubuntu9.2
  qemu-system-mips                1:2.2+dfsg-5expubuntu9.2
  qemu-system-misc                1:2.2+dfsg-5expubuntu9.2
  qemu-system-ppc                 1:2.2+dfsg-5expubuntu9.2
  qemu-system-sparc               1:2.2+dfsg-5expubuntu9.2
  qemu-system-x86                 1:2.2+dfsg-5expubuntu9.2

Ubuntu 14.10:
  qemu-system                     2.1+dfsg-4ubuntu6.7
  qemu-system-aarch64             2.1+dfsg-4ubuntu6.7
  qemu-system-arm                 2.1+dfsg-4ubuntu6.7
  qemu-system-mips                2.1+dfsg-4ubuntu6.7
  qemu-system-misc                2.1+dfsg-4ubuntu6.7
  qemu-system-ppc                 2.1+dfsg-4ubuntu6.7
  qemu-system-sparc               2.1+dfsg-4ubuntu6.7
  qemu-system-x86                 2.1+dfsg-4ubuntu6.7

Ubuntu 14.04 LTS:
  qemu-system                     2.0.0+dfsg-2ubuntu1.13
  qemu-system-aarch64             2.0.0+dfsg-2ubuntu1.13
  qemu-system-arm                 2.0.0+dfsg-2ubuntu1.13
  qemu-system-mips                2.0.0+dfsg-2ubuntu1.13
  qemu-system-misc                2.0.0+dfsg-2ubuntu1.13
  qemu-system-ppc                 2.0.0+dfsg-2ubuntu1.13
  qemu-system-sparc               2.0.0+dfsg-2ubuntu1.13
  qemu-system-x86                 2.0.0+dfsg-2ubuntu1.13

Ubuntu 12.04 LTS:
  qemu-kvm                        1.0+noroms-0ubuntu14.23

After a standard system update you need to restart all QEMU virtual machines to make all the necessary changes.

Trust: 2.97

sources: NVD: CVE-2015-3209 // JVNDB: JVNDB-2015-003134 // CNVD: CNVD-2015-03820 // VULHUB: VHN-81170 // PACKETSTORM: 132242 // PACKETSTORM: 132447 // PACKETSTORM: 132289 // PACKETSTORM: 132290 // PACKETSTORM: 136587 // PACKETSTORM: 132240 // PACKETSTORM: 132251 // PACKETSTORM: 134165

IOT TAXONOMY

category: ['Network device'] // sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-03820

AFFECTED PRODUCTS

vendor: debian // model: linux // scope: eq // version: 8.0

Trust: 1.0

vendor: redhat // model: enterprise linux workstation // scope: eq // version: 6.0

Trust: 1.0

vendor: fedoraproject // model: fedora // scope: eq // version: 20

Trust: 1.0

vendor: canonical // model: ubuntu linux // scope: eq // version: 12.04

Trust: 1.0

vendor: redhat // model: enterprise linux workstation // scope: eq // version: 5.0

Trust: 1.0

vendor: redhat // model: enterprise linux server tus // scope: eq // version: 6.6

Trust: 1.0

vendor: redhat // model: openstack // scope: eq // version: 5.0

Trust: 1.0

vendor: arista // model: eos // scope: eq // version: 4.15

Trust: 1.0

vendor: arista // model: eos // scope: eq // version: 4.12

Trust: 1.0

vendor: redhat // model: virtualization // scope: eq // version: 3.0

Trust: 1.0

vendor: redhat // model: enterprise linux desktop // scope: eq // version: 6.0

Trust: 1.0

vendor: redhat // model: enterprise linux eus // scope: eq // version: 6.6

Trust: 1.0

vendor: juniper // model: junos space // scope: lte // version: 15.1

Trust: 1.0

vendor: suse // model: linux enterprise software development kit // scope: eq // version: 11

Trust: 1.0

vendor: fedoraproject // model: fedora // scope: eq // version: 21

Trust: 1.0

vendor: suse // model: linux enterprise software development kit // scope: eq // version: 12

Trust: 1.0

vendor: arista // model: eos // scope: eq // version: 4.13

Trust: 1.0

vendor: canonical // model: ubuntu linux // scope: eq // version: 14.10

Trust: 1.0

vendor: canonical // model: ubuntu linux // scope: eq // version: 15.04

Trust: 1.0

vendor: suse // model: linux enterprise debuginfo // scope: eq // version: 11

Trust: 1.0

vendor: debian // model: linux // scope: eq // version: 7.0

Trust: 1.0

vendor: suse // model: linux enterprise server // scope: eq // version: 10

Trust: 1.0

vendor: fedoraproject // model: fedora // scope: eq // version: 22

Trust: 1.0

vendor: canonical // model: ubuntu linux // scope: eq // version: 14.04

Trust: 1.0

vendor: suse // model: linux enterprise server // scope: eq // version: 11

Trust: 1.0

vendor: redhat // model: enterprise linux server // scope: eq // version: 6.0

Trust: 1.0

vendor: suse // model: linux enterprise server // scope: eq // version: 12

Trust: 1.0

vendor: qemu // model: qemu // scope: lte // version: 2.3.1

Trust: 1.0

vendor: suse // model: linux enterprise desktop // scope: eq // version: 12

Trust: 1.0

vendor: arista // model: eos // scope: eq // version: 4.14

Trust: 1.0

vendor: redhat // model: enterprise linux server aus // scope: eq // version: 6.6

Trust: 1.0

vendor: suse // model: linux enterprise desktop // scope: eq // version: 11

Trust: 1.0

vendor: redhat // model: enterprise linux server // scope: eq // version: 5.0

Trust: 1.0

vendor: fabrice bellard // model: qemu // scope: - // version: -

Trust: 0.8

vendor: xen // model: xen // scope: lte // version: 4.5.0

Trust: 0.8

vendor: xensource // model: xen // scope: eq // version: 4.2.x

Trust: 0.6

vendor: xensource // model: xen // scope: eq // version: 4.3.x

Trust: 0.6

vendor: xensource // model: xen // scope: eq // version: 4.4.x

Trust: 0.6

sources: CNVD: CNVD-2015-03820 // JVNDB: JVNDB-2015-003134 // NVD: CVE-2015-3209

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3209
value: HIGH

Trust: 1.0

NVD: CVE-2015-3209
value: HIGH

Trust: 0.8

CNVD: CNVD-2015-03820
value: HIGH

Trust: 0.6

VULHUB: VHN-81170
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-3209
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-03820
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-81170
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-03820 // VULHUB: VHN-81170 // JVNDB: JVNDB-2015-003134 // NVD: CVE-2015-3209

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-81170 // JVNDB: JVNDB-2015-003134 // NVD: CVE-2015-3209

THREAT TYPE

local

Trust: 0.1

sources: PACKETSTORM: 132251

TYPE

arbitrary

Trust: 0.4

sources: PACKETSTORM: 132242 // PACKETSTORM: 132447 // PACKETSTORM: 132240 // PACKETSTORM: 132251

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003134

PATCH

title: Top Page // url: http://wiki.qemu.org/Main_Page

Trust: 0.8

title: JSA10698 // url: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698

Trust: 0.8

title: XSA-135 // url: http://xenbits.xen.org/xsa/advisory-135.html

Trust: 0.8

title: Xen QEMU PCNET Controller Heap Overflow Vulnerability Patch // url: https://www.cnvd.org.cn/patchInfo/show/59683

Trust: 0.6

sources: CNVD: CNVD-2015-03820 // JVNDB: JVNDB-2015-003134

EXTERNAL IDS

db: NVD // id: CVE-2015-3209

Trust: 3.3

db: BID // id: 75123

Trust: 1.7

db: SECTRACK // id: 1032545

Trust: 1.1

db: JUNIPER // id: JSA10783

Trust: 1.1

db: JUNIPER // id: JSA10698

Trust: 1.1

db: JVNDB // id: JVNDB-2015-003134

Trust: 0.8

db: CNVD // id: CNVD-2015-03820

Trust: 0.6

db: PACKETSTORM // id: 132290

Trust: 0.2

db: PACKETSTORM // id: 134165

Trust: 0.2

db: PACKETSTORM // id: 132240

Trust: 0.2

db: PACKETSTORM // id: 132289

Trust: 0.2

db: PACKETSTORM // id: 132447

Trust: 0.2

db: PACKETSTORM // id: 132242

Trust: 0.2

db: PACKETSTORM // id: 132251

Trust: 0.2

db: PACKETSTORM // id: 132241

Trust: 0.1

db: CNNVD // id: CNNVD-201506-282

Trust: 0.1

db: VULHUB // id: VHN-81170

Trust: 0.1

db: PACKETSTORM // id: 136587

Trust: 0.1

sources: CNVD: CNVD-2015-03820 // VULHUB: VHN-81170 // JVNDB: JVNDB-2015-003134 // PACKETSTORM: 132242 // PACKETSTORM: 132447 // PACKETSTORM: 132289 // PACKETSTORM: 132290 // PACKETSTORM: 136587 // PACKETSTORM: 132240 // PACKETSTORM: 132251 // PACKETSTORM: 134165 // NVD: CVE-2015-3209

REFERENCES

url:http://xenbits.xen.org/xsa/advisory-135.html

Trust: 1.7

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3209

Trust: 1.4

url:https://security.gentoo.org/glsa/201510-02

Trust: 1.2

url:https://security.gentoo.org/glsa/201604-03

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2015-1087.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2015-1088.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2015-1189.html

Trust: 1.2

url:http://www.ubuntu.com/usn/usn-2630-1

Trust: 1.2

url:http://www.securitytracker.com/id/1032545

Trust: 1.1

url:http://www.securityfocus.com/bid/75123

Trust: 1.1

url:http://www.debian.org/security/2015/dsa-3284

Trust: 1.1

url:http://www.debian.org/security/2015/dsa-3285

Trust: 1.1

url:http://www.debian.org/security/2015/dsa-3286

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160669.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160685.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2015-june/160677.html

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2015-1089.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00014.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html

Trust: 1.1

url:https://kb.juniper.net/jsa10783

Trust: 1.1

url:https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13

Trust: 1.1

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10698

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3209

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2015-3209

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2015-3209

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://bugzilla.redhat.com/

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-4105

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-4103

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-4106

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-4104

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-4037

Trust: 0.2

url:https://www.debian.org/security/

Trust: 0.2

url:https://www.debian.org/security/faq

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5154

Trust: 0.2

url:https://security.gentoo.org/

Trust: 0.2

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3209

Trust: 0.2

url:https://bugs.gentoo.org

Trust: 0.2

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10698

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-4164

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-4163

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4536

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7504

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4535

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4105

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4535

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6030

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7835

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8551

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4538

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8552

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-6036

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7814

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4106

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7970

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8550

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3456

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3497

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4536

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3495

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6031

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4537

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-6034

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3259

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3340

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2151

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4411

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7972

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4538

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-6035

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3495

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4539

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3494

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6033

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-6032

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4537

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6035

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6032

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7813

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3515

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7971

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3498

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2270

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-6031

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-6030

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3498

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3497

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3494

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8555

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4163

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8340

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7311

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3259

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-2151

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8339

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-6033

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8554

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4411

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6034

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8341

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4539

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3340

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4164

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3515

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4103

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3496

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3456

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7969

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4104

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3496

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2271

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7812

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/qemu/2.1+dfsg-4ubuntu6.7

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.23

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.13

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/qemu/1:2.2+dfsg-5expubuntu9.2

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3214

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-5154

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3214

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5158

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-5158

Trust: 0.1

sources: CNVD: CNVD-2015-03820 // VULHUB: VHN-81170 // JVNDB: JVNDB-2015-003134 // PACKETSTORM: 132242 // PACKETSTORM: 132447 // PACKETSTORM: 132289 // PACKETSTORM: 132290 // PACKETSTORM: 136587 // PACKETSTORM: 132240 // PACKETSTORM: 132251 // PACKETSTORM: 134165 // NVD: CVE-2015-3209

CREDITS

Red Hat

Trust: 0.3

sources: PACKETSTORM: 132242 // PACKETSTORM: 132447 // PACKETSTORM: 132240

SOURCES

db: CNVD // id: CNVD-2015-03820
db: VULHUB // id: VHN-81170
db: JVNDB // id: JVNDB-2015-003134
db: PACKETSTORM // id: 132242
db: PACKETSTORM // id: 132447
db: PACKETSTORM // id: 132289
db: PACKETSTORM // id: 132290
db: PACKETSTORM // id: 136587
db: PACKETSTORM // id: 132240
db: PACKETSTORM // id: 132251
db: PACKETSTORM // id: 134165
db: NVD // id: CVE-2015-3209

LAST UPDATE DATE

2024-11-20T22:07:17.751000+00:00


SOURCES UPDATE DATE

db: CNVD // id: CNVD-2015-03820 // date: 2015-06-17T00:00:00
db: VULHUB // id: VHN-81170 // date: 2023-02-13T00:00:00
db: JVNDB // id: JVNDB-2015-003134 // date: 2015-10-21T00:00:00
db: NVD // id: CVE-2015-3209 // date: 2023-02-13T00:48:06.167

SOURCES RELEASE DATE

db: CNVD // id: CNVD-2015-03820 // date: 2015-06-17T00:00:00
db: VULHUB // id: VHN-81170 // date: 2015-06-15T00:00:00
db: JVNDB // id: JVNDB-2015-003134 // date: 2015-06-18T00:00:00
db: PACKETSTORM // id: 132242 // date: 2015-06-10T23:39:22
db: PACKETSTORM // id: 132447 // date: 2015-06-25T14:19:06
db: PACKETSTORM // id: 132289 // date: 2015-06-15T15:43:00
db: PACKETSTORM // id: 132290 // date: 2015-06-15T15:43:07
db: PACKETSTORM // id: 136587 // date: 2016-04-06T13:30:13
db: PACKETSTORM // id: 132240 // date: 2015-06-10T23:36:31
db: PACKETSTORM // id: 132251 // date: 2015-06-10T23:41:07
db: PACKETSTORM // id: 134165 // date: 2015-11-02T16:49:11
db: NVD // id: CVE-2015-3209 // date: 2015-06-15T15:59:00.070