Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-2152

Опубликовано: 12 мар. 2015
Источник: redhat
CVSS2: 2.1
EPSS Низкий

Описание

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.

Отчет

Not vulnerable. This issue did not affect the versions of xen as shipped with Red Hat Enterprise Linux 5 as they did not include affected libxc library.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5xenNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=1200724xen: HVM qemu unexpectedly enabling emulated VGA graphics backends (XSA 119)

EPSS

Процентиль: 23%
0.00076
Низкий

2.1 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-2152

ubuntu
почти 11 лет назад

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.

nvd логотип

CVE-2015-2152

nvd
почти 11 лет назад

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.

debian логотип

CVE-2015-2152

debian
почти 11 лет назад

Xen 4.5.x and earlier enables certain default backends when emulating ...

github логотип

GHSA-4h5r-jgg6-766g

github
больше 3 лет назад

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.

suse-cvrf логотип

SUSE-SU-2015:0613-1

suse-cvrf
почти 11 лет назад

Security update for Xen

EPSS

Процентиль: 23%
0.00076
Низкий

2.1 Low

CVSS2