CVE-2015-5154
Published Aug 12, 2015
Last updated 2 years ago
Overview
- Description
- Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE6592AF-775F-4B8A-8E33-57A1239852E3",
"versionEndIncluding": "4.5.0"
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0ED340C-6746-471E-9F2D-19D62D224B7A"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2"
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABF17A18-4BE8-41B7-B50C-F4A137B3B2F1",
"versionEndIncluding": "2.3.0"
}
],
"operator": "OR"
}
]
}
]