Unrated severityNVD Advisory· Published Jan 23, 2020· Updated Aug 6, 2024
CVE-2015-5745
CVE-2015-5745
Description
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
Affected products
11- osv-coords10 versionspkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
< 1.4.2-46.1+ 9 more
- (no CPE)range: < 1.4.2-46.1
- (no CPE)range: < 1.4.2-46.1
- (no CPE)range: < 1.4.2-44.1
- (no CPE)range: < 1.4.2-44.1
- (no CPE)range: < 2.0.2-48.19.1
- (no CPE)range: < 2.3.1-14.1
- (no CPE)range: < 2.0.2-48.19.1
- (no CPE)range: < 2.3.1-14.1
- (no CPE)range: < 2.0.2-48.19.1
- (no CPE)range: < 2.3.1-14.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.htmlmitrex_refsource_MISC
- lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.htmlmitrex_refsource_MISC
- lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.htmlmitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2015/08/06/3mitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2015/08/06/5mitrex_refsource_MISC
- github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295mitrex_refsource_MISC
- lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.htmlmitrex_refsource_MISC
- www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.