Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-4106

Опубликовано: 02 июн. 2015
Источник: redhat
CVSS2: 4.3

Описание

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

Отчет

This issue does affect then Xen packages as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5xenAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1223859xen: unmediated PCI register access in qemu (xsa-131)

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-4106

ubuntu
больше 10 лет назад

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

nvd логотип

CVE-2015-4106

nvd
больше 10 лет назад

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

debian логотип

CVE-2015-4106

debian
больше 10 лет назад

QEMU does not properly restrict write access to the PCI config space f ...

github логотип

GHSA-53r2-p844-jg4x

github
больше 3 лет назад

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.

fstec логотип

BDU:2015-10460

fstec
больше 10 лет назад

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю повысить свои привилегии, вызвать отказ в обслуживании или получить доступ к защищаемой информации

4.3 Medium

CVSS2