Medium severity5.5NVD Advisory· Published Dec 29, 2016· Updated May 6, 2026

CVE-2015-8817

Description

QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2016/03/01/1nvdMailing ListPatch
www.openwall.com/lists/oss-security/2016/03/01/10nvdMailing ListPatch
bugzilla.redhat.com/show_bug.cginvdIssue Tracking
lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.htmlnvdMailing List
rhn.redhat.com/errata/RHSA-2016-2670.htmlnvd
rhn.redhat.com/errata/RHSA-2016-2671.htmlnvd
rhn.redhat.com/errata/RHSA-2016-2704.htmlnvd
rhn.redhat.com/errata/RHSA-2016-2705.htmlnvd
rhn.redhat.com/errata/RHSA-2016-2706.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000