CVE-2015-5239

Published: 30 Jun 2014
Source: redhat
CVSS2: 4
EPSS: Low

Description

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

An integer overflow issue was found in the VNC display driver of the QEMU emulator, which could be used by a privileged guest user to create a denial of service attack. The overflow occurred when processing a CLIENT_CUT_TEXT message with too large a payload size. The integer overflow led to an infinite loop inside the VNC driver, eventually crashing the QEMU process on the host.

Report

This issue affects the versions of kvm and xen packages as shipped with Red Hat Enterprise Linux 5. This issue affects the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 6 and 7. This issue affects the Red Hat Enterprise Linux 6 based versions of qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3. This issue affects the Red Hat Enterprise Linux 7 based versions of the qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3.

Affected packages

| Platform | Package | State | Recommendation | Release |
| --- | --- | --- | --- | --- |
| Red Hat Ceph Storage 1.1 | qemu-kvm | Will not fix | | |
| Red Hat Enterprise Linux 5 | kvm | Will not fix | | |
| Red Hat Enterprise Linux 6 | qemu-kvm | Will not fix | | |
| Red Hat Enterprise Linux 7 | qemu-kvm | Will not fix | | |
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | qemu-kvm-rhev | Will not fix | | |
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | qemu-kvm-rhev | Not affected | | |
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | qemu-kvm-rhev | Not affected | | |
| Red Hat Enterprise Virtualization 3 | qemu-kvm-rhev | Will not fix | | |
| Red Hat Enterprise Virtualization 3 | rhev-hypervisor | Will not fix | | |

Additional information

Status: Moderate
Defect: CWE-835
https://bugzilla.redhat.com/show_bug.cgi?id=1257735 (qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg())

EPSS

Percentile: 90%
0.05062
Low

CVSS2

4 Medium

Related vulnerabilities

CVSS3: 6.5
ubuntu
about 6 years ago

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

CVSS3: 6.5
nvd
about 6 years ago

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

CVSS3: 6.5
debian
about 6 years ago

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows ...

CVSS3: 6.5
github
more than 3 years ago

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

suse-cvrf
more than 10 years ago

Security update for xen
