First published: Wed May 13 2015(Updated: )
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
QEMU qemu | <=2.3.0 | |
Redhat Enterprise Virtualization | =3.0 | |
Redhat Openstack | =4.0 | |
Redhat Openstack | =5.0 | |
Redhat Openstack | =6.0 | |
Redhat Openstack | =7.0 | |
Redhat Enterprise Linux | =5 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Xen Xen | =4.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.