First published: Fri Nov 20 2015(Updated: )
Last updated 24 July 2024
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/qemu | 1:5.2+dfsg-11+deb11u3 1:5.2+dfsg-11+deb11u2 1:7.2+dfsg-7+deb12u12 1:9.2.0+ds-2 1:9.2.0+ds-5 | |
QEMU KVM | <=2.5.1 | |
Debian Debian Linux | =8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-8613 is a vulnerability that allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command in QEMU, when built with SCSI MegaRAID SAS HBA emulation support.
No, CVE-2015-8613 has a low severity level.
QEMU versions 2.0.0+dfsg-2ubuntu1.22, 1:2.3+dfsg-5ubuntu9.2, and various Debian versions are affected by CVE-2015-8613.
To fix CVE-2015-8613, update QEMU to a version that includes the necessary security patches.
You can find more information about CVE-2015-8613 at the following references: [Security Focus](http://www.securityfocus.com/bid/79719), [Debian Security Advisory](http://www.debian.org/security/2016/dsa-3471), [Gentoo Linux Security Advisory](https://security.gentoo.org/glsa/201604-01).