CVE-2015-3209
Matt Tait of Google's Project Zero security team discovered a flaw
in the way QEMU's AMD PCnet Ethernet emulation handles multi-TMD
packets with a length above 4096 bytes. A privileged guest user in a
guest with an AMD PCnet Ethernet card enabled can potentially use
this flaw to execute arbitrary code on the host with the privileges
of the hosting QEMU process.
CVE-2015-4037
Kurt Seifried of Red Hat Product Security discovered that QEMU's
user mode networking stack uses predictable temporary file names
when the -smb option is used. An unprivileged user can use this flaw
to cause a denial of service.
CVE-2015-4103
Jan Beulich of SUSE discovered that the QEMU Xen code does not
properly restrict write access to the host MSI message data field,
allowing a malicious guest to cause a denial of service.
CVE-2015-4104
Jan Beulich of SUSE discovered that the QEMU Xen code does not
properly restrict access to PCI MSI mask bits, allowing ...