Medium severity6.5NVD Advisory· Published Apr 13, 2017· Updated May 13, 2026
CVE-2015-8345
CVE-2015-8345
Description
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
Affected products
33- osv-coords33 versionspkg:rpm/opensuse/xen&distro=openSUSE%20Tumbleweedpkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/kvm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 4.7.0_12-1.3+ 32 more
- (no CPE)range: < 4.7.0_12-1.3
- (no CPE)range: < 1.4.2-37.1
- (no CPE)range: < 1.4.2-35.1
- (no CPE)range: < 1.4.2-37.1
- (no CPE)range: < 1.4.2-37.1
- (no CPE)range: < 1.4.2-35.1
- (no CPE)range: < 1.4.2-37.1
- (no CPE)range: < 1.4.2-35.1
- (no CPE)range: < 2.0.2-48.12.1
- (no CPE)range: < 2.3.1-7.7
- (no CPE)range: < 2.0.2-48.12.1
- (no CPE)range: < 2.3.1-7.7
- (no CPE)range: < 2.0.2-48.12.1
- (no CPE)range: < 2.3.1-7.7
- (no CPE)range: < 4.2.5_18-21.1
- (no CPE)range: < 4.4.3_06-29.1
- (no CPE)range: < 4.4.3_06-22.15.1
- (no CPE)range: < 4.5.2_02-4.1
- (no CPE)range: < 4.1.6_08-23.1
- (no CPE)range: < 4.2.5_18-21.1
- (no CPE)range: < 4.2.5_20-24.9
- (no CPE)range: < 4.2.5_18-21.1
- (no CPE)range: < 4.4.3_06-29.1
- (no CPE)range: < 4.4.3_06-22.15.1
- (no CPE)range: < 4.5.2_02-4.1
- (no CPE)range: < 4.2.5_18-21.1
- (no CPE)range: < 4.4.3_06-29.1
- (no CPE)range: < 4.4.3_06-22.15.1
- (no CPE)range: < 4.5.2_02-4.1
- (no CPE)range: < 4.2.5_18-21.1
- (no CPE)range: < 4.4.3_06-29.1
- (no CPE)range: < 4.4.3_06-22.15.1
- (no CPE)range: < 4.5.2_02-4.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.htmlnvdMailing ListPatchThird Party Advisory
- www.debian.org/security/2016/dsa-3469nvdThird Party Advisory
- www.debian.org/security/2016/dsa-3470nvdThird Party Advisory
- www.debian.org/security/2016/dsa-3471nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2015/11/25/11nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/77985nvdThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/201602-01nvdThird Party Advisory
News mentions
0No linked articles in our index yet.