Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-3515

Опубликовано: 05 сент. 2012
Источник: redhat
CVSS2: 7.4
EPSS Низкий

Описание

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

Отчет

This issue did affect the versions of xen package as shipped with Red Hat Enterprise Linux 5. This issue did affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5. This issue did affect the versions of qemu-kvm package as shipped with Red Hat Enterprise Linux 6.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmAffected
Red Hat Enterprise Linux 5kvmFixedRHSA-2012:123505.09.2012
Red Hat Enterprise Linux 5xenFixedRHSA-2012:123605.09.2012
Red Hat Enterprise Linux 6qemu-kvmFixedRHSA-2012:123405.09.2012
RHEV 3.X Hypervisor and Agents for RHEL-6qemu-kvm-rhevFixedRHSA-2012:123305.09.2012
RHEV 3.X Hypervisor and Agents for RHEL-6rhev-hypervisor6FixedRHSA-2012:132502.10.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-839->CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=851252qemu: VT100 emulation vulnerability

EPSS

Процентиль: 23%
0.00076
Низкий

7.4 High

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-3515

ubuntu
больше 12 лет назад

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

nvd логотип

CVE-2012-3515

nvd
больше 12 лет назад

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

debian логотип

CVE-2012-3515

debian
больше 12 лет назад

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulat ...

github логотип

GHSA-rwhm-5hjg-54j9

github
больше 3 лет назад

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

oracle-oval логотип

ELSA-2012-1236

oracle-oval
почти 13 лет назад

ELSA-2012-1236: xen security update (IMPORTANT)

EPSS

Процентиль: 23%
0.00076
Низкий

7.4 High

CVSS2