CVE-2015-6815
First published: Fri Sep 04 2015(Updated: )
Qemu emulator built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing transmit descriptor data when sending a network packet. A privileged user inside guest could use this flaw to crash the Qemu instance resulting in DoS. Upstream fix: ------------- -> <a href="https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html">https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html</a>
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QEMU qemu | <2.4.0.1 | |
| Fedoraproject Fedora | =21 | |
| Fedoraproject Fedora | =22 | |
| Fedoraproject Fedora | =23 | |
| Novell Suse Linux Enterprise Software Development Kit | =11.0-sp3 | |
| Novell Suse Linux Enterprise Software Development Kit | =11.0-sp4 | |
| Novell Suse Linux Enterprise Software Development Kit | =12.0 | |
| Novell Suse Linux Enterprise Debuginfo | =11.0-sp3 | |
| Novell Suse Linux Enterprise Debuginfo | =11.0-sp4 | |
| Novell Suse Linux Enterprise Desktop | =11.0-sp3 | |
| Novell Suse Linux Enterprise Desktop | =11.0-sp4 | |
| Novell Suse Linux Enterprise Desktop | =12.0 | |
| Novell Suse Linux Enterprise Server | =11.0-sp3 | |
| Novell Suse Linux Enterprise Server | =11.0-sp4 | |
| Novell Suse Linux Enterprise Server | =12.0 | |
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =15.04 | |
| Redhat Openstack | =5.0 | |
| Redhat Openstack | =6.0 | |
| Redhat Openstack | =7.0 | |
| Redhat Enterprise Linux | =5.0 | |
| Redhat Enterprise Linux | =6.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Xen Xen | =4.4.3 | |
| Xen Xen | =4.5.1 | |
| Arista EOS | =4.12 | |
| Arista EOS | =4.13 | |
| Arista EOS | =4.14 | |
| Arista EOS | =4.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html
- https://access.redhat.com/support/policy/updates/errata/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1260224
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1260225
- https://access.redhat.com/security/cve/CVE-2015-6815
- http://openwall.com/lists/oss-security/2015/09/05/5
- https://bugzilla.redhat.com/show_bug.cgi?id=1260076
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html
- http://www.openwall.com/lists/oss-security/2015/09/04/4
- http://www.openwall.com/lists/oss-security/2015/09/05/5
- http://www.ubuntu.com/usn/USN-2745-1
- https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html
- https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14
- agent/author
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-6815
- vendor/qemu
- canonical/qemu qemu
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/21
- version/fedoraproject fedora/22
- version/fedoraproject fedora/23
- vendor/novell
- canonical/novell suse linux enterprise software development kit
- version/novell suse linux enterprise software development kit/11.0-sp3
- version/novell suse linux enterprise software development kit/11.0-sp4
- version/novell suse linux enterprise software development kit/12.0
- canonical/novell suse linux enterprise debuginfo
- version/novell suse linux enterprise debuginfo/11.0-sp3
- version/novell suse linux enterprise debuginfo/11.0-sp4
- canonical/novell suse linux enterprise desktop
- version/novell suse linux enterprise desktop/11.0-sp3
- version/novell suse linux enterprise desktop/11.0-sp4
- version/novell suse linux enterprise desktop/12.0
- canonical/novell suse linux enterprise server
- version/novell suse linux enterprise server/11.0-sp3
- version/novell suse linux enterprise server/11.0-sp4
- version/novell suse linux enterprise server/12.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/15.04
- vendor/redhat
- canonical/redhat openstack
- version/redhat openstack/5.0
- version/redhat openstack/6.0
- version/redhat openstack/7.0
- canonical/redhat enterprise linux
- version/redhat enterprise linux/5.0
- version/redhat enterprise linux/6.0
- version/redhat enterprise linux/7.0
- vendor/xen
- canonical/xen xen
- version/xen xen/4.4.3
- version/xen xen/4.5.1
- vendor/arista
- canonical/arista eos
- version/arista eos/4.12
- version/arista eos/4.13
- version/arista eos/4.14
- version/arista eos/4.15