First published: Mon Jun 15 2015(Updated: )
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
QEMU | <=2.3.1 | |
Juniper Networks Junos Space | <=15.1 | |
Ubuntu | =12.04 | |
Ubuntu | =14.04 | |
Ubuntu | =14.10 | |
Ubuntu | =15.04 | |
Debian Linux | =7.0 | |
Debian Linux | =8.0 | |
Red Hat Enterprise Linux Desktop | =6.0 | |
Red Hat Enterprise Linux Server EUS | =6.6 | |
Red Hat Enterprise Linux Server | =5.0 | |
Red Hat Enterprise Linux Server | =6.0 | |
Red Hat Enterprise Linux Server | =6.6 | |
Red Hat Enterprise Linux Server | =6.6 | |
Red Hat Enterprise Linux Workstation | =5.0 | |
Red Hat Enterprise Linux Workstation | =6.0 | |
Red Hat OpenStack for IBM Power | =5.0 | |
Red Hat Enterprise Virtualization | =3.0 | |
Red Hat Enterprise Linux | =6.0 | |
Red Hat Fedora | =20 | |
Red Hat Fedora | =21 | |
Red Hat Fedora | =22 | |
SUSE Linux Enterprise Debuginfo | =11-sp2 | |
SUSE Linux Enterprise Desktop | =11-sp3 | |
SUSE Linux Enterprise Desktop | =12 | |
SUSE Linux Enterprise Server | =10-sp4 | |
SUSE Linux Enterprise Server | =11-sp1 | |
SUSE Linux Enterprise Server | =11-sp2 | |
SUSE Linux Enterprise Server | =11-sp3 | |
SUSE Linux Enterprise Server | =12 | |
SUSE Linux Enterprise Software Development Kit | =11-sp3 | |
SUSE Linux Enterprise Software Development Kit | =12 | |
Arista EOS | =4.12 | |
Arista EOS | =4.13 | |
Arista EOS | =4.14 | |
Arista EOS | =4.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-3209 has a high severity level due to the heap-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code.
To fix CVE-2015-3209, update QEMU to version 2.3.2 or later and ensure all affected systems are patched.
CVE-2015-3209 affects QEMU versions up to 2.3.1, Juniper Networks Junos Space up to version 15.1, and several versions of Ubuntu and Red Hat Enterprise Linux.
Yes, CVE-2015-3209 can be exploited remotely by attackers sending specially crafted packets to the vulnerable systems.
Vulnerable systems include various distributions of Linux such as Ubuntu, Debian, and Red Hat Enterprise Linux, as well as certain network devices running affected versions of Juniper and QEMU.