DSA-3361-1 qemu -- qemuID: oval:org.secpod.oval:def:602231 | Date: (C)2015-09-29 (M)2023-12-07 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2015-5278 Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service . CVE-2015-5279 Qinghao Tang of QIHU 360 Inc. discovered a heap buffer overflow flaw in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service , or potentially to execute arbitrary code on the host with the privileges of the hosting QEMU process. CVE-2015-6815 Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the e1000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service . CVE-2015-6855 Qinghao Tang of QIHU 360 Inc. discovered a flaw in the IDE subsystem in QEMU occurring while executing IDE"s WIN_READ_NATIVE_MAX command to determine the maximum size of a drive. A privileged guest user could use this flaw to mount a denial of service .
Platform: |
Debian 8.x |
Debian 7.x |