CVE-2015-8817
First published: Thu Jan 21 2016(Updated: )
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QEMU KVM | =1.6.0 | |
| QEMU KVM | =1.6.0-rc1 | |
| QEMU KVM | =1.6.0-rc2 | |
| QEMU KVM | =1.6.0-rc3 | |
| QEMU KVM | =1.6.1 | |
| QEMU KVM | =1.6.2 | |
| QEMU KVM | =1.7.1 | |
| QEMU KVM | =2.0.0 | |
| QEMU KVM | =2.0.0-rc0 | |
| QEMU KVM | =2.0.0-rc1 | |
| QEMU KVM | =2.0.0-rc2 | |
| QEMU KVM | =2.0.0-rc3 | |
| QEMU KVM | =2.0.2 | |
| QEMU KVM | =2.1.0 | |
| QEMU KVM | =2.1.0-rc0 | |
| QEMU KVM | =2.1.0-rc1 | |
| QEMU KVM | =2.1.0-rc2 | |
| QEMU KVM | =2.1.0-rc3 | |
| QEMU KVM | =2.1.0-rc5 | |
| QEMU KVM | =2.1.1 | |
| QEMU KVM | =2.1.2 | |
| QEMU KVM | =2.1.3 | |
| QEMU KVM | =2.2.0 | |
| QEMU KVM | =2.2.1 | |
| QEMU KVM | =2.3.0 | |
| QEMU KVM | =2.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.qemu.org/?p=qemu.git;a=commit;h=c3c1bb99d1c11978d9ce94d1bd
- http://git.qemu.org/?p=qemu.git;a=commit;h=e4a511f8cc6f4a46d409fb5c9f
- http://git.qemu.org/?p=qemu.git;a=commit;h=965eb2fcdfe919ecced6c34803
- http://git.qemu.org/?p=qemu.git;a=commit;h=b242e0e0e2969c044a318e56f7
- https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html
- http://www.openwall.com/lists/oss-security/2016/03/01/1
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1313273
- https://rhn.redhat.com/errata/RHSA-2016-2671.html
- https://rhn.redhat.com/errata/RHSA-2016-2670.html
- https://rhn.redhat.com/errata/RHSA-2016-2704.html
- https://rhn.redhat.com/errata/RHSA-2016-2706.html
- https://rhn.redhat.com/errata/RHSA-2016-2705.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1300771
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=23820dbfc79d1c9dce090b4c555994f2bb6a69b3
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459
- http://rhn.redhat.com/errata/RHSA-2016-2670.html
- http://rhn.redhat.com/errata/RHSA-2016-2671.html
- http://rhn.redhat.com/errata/RHSA-2016-2704.html
- http://rhn.redhat.com/errata/RHSA-2016-2705.html
- http://rhn.redhat.com/errata/RHSA-2016-2706.html
- http://www.openwall.com/lists/oss-security/2016/03/01/10
- agent/weakness
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-8817
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/qemu
- canonical/qemu kvm
- version/qemu kvm/1.6.0
- version/qemu kvm/1.6.0-rc1
- version/qemu kvm/1.6.0-rc2
- version/qemu kvm/1.6.0-rc3
- version/qemu kvm/1.6.1
- version/qemu kvm/1.6.2
- version/qemu kvm/1.7.1
- version/qemu kvm/2.0.0
- version/qemu kvm/2.0.0-rc0
- version/qemu kvm/2.0.0-rc1
- version/qemu kvm/2.0.0-rc2
- version/qemu kvm/2.0.0-rc3
- version/qemu kvm/2.0.2
- version/qemu kvm/2.1.0
- version/qemu kvm/2.1.0-rc0
- version/qemu kvm/2.1.0-rc1
- version/qemu kvm/2.1.0-rc2
- version/qemu kvm/2.1.0-rc3
- version/qemu kvm/2.1.0-rc5
- version/qemu kvm/2.1.1
- version/qemu kvm/2.1.2
- version/qemu kvm/2.1.3
- version/qemu kvm/2.2.0
- version/qemu kvm/2.2.1
- version/qemu kvm/2.3.0
- version/qemu kvm/2.3.1