Vulnerability CVE-2015-8619: Information
Description
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
qemu | sisyphus | 2.6.0-alt1 | 8.2.3-alt1 | ALT-PU-2016-1565-1 | 164723 | Fixed |
qemu | p10 | 2.6.0-alt1 | 8.2.2-alt0.p10.1 | ALT-PU-2016-1565-1 | 164723 | Fixed |
qemu | p9 | 2.6.0-alt1 | 5.2.0-alt6 | ALT-PU-2016-1565-1 | 164723 | Fixed |
qemu | p8 | 2.6.0-alt1 | 2.11.0-alt0.M80P.4 | ALT-PU-2016-1596-1 | 165738 | Fixed |
qemu | c10f1 | 2.6.0-alt1 | 8.2.2-alt0.p10.1 | ALT-PU-2016-1565-1 | 164723 | Fixed |
qemu | c9f2 | 2.6.0-alt1 | 5.2.0-alt6.c9.1 | ALT-PU-2016-1565-1 | 164723 | Fixed |
qemu | p11 | 2.6.0-alt1 | 8.2.3-alt1 | ALT-PU-2016-1565-1 | 164723 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
[qemu-devel] 20151217 [Qemu-devel] [PATCH] hmp: avoid redundant null termination of buffer |
|
79668 |
|
[oss-security] 20151223 CVE request Qemu: hmp: stack based OOB write in hmp_sendkey routine |
|
GLSA-201604-01 |
|
DSA-3471 |
|