CVE-2015-3456

Impact:
Important
Public Date:
2015-05-13
IAVA:
2015-A-0112, 2015-A-0115
CWE:
CWE-119
Bugzilla:
1218611: CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access
An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest.

Find out more about CVE-2015-3456 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue affects the versions of the kvm and xen packages as shipped with Red Hat Enterprise Linux 5, the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 6 and 7, and the versions of qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3. Future updates for the respective releases will address this flaw.

CVSS v2 metrics

Base Score 6.5
Base Metrics AV:A/AC:H/Au:S/C:C/I:C/A:C
Access Vector Adjacent Network
Access Complexity High
Authentication Single
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
RHEV Agents (vdsm) (qemu-kvm-rhev) RHSA-2015:1001 2015-05-13
Red Hat Enterprise Linux Virtualization 5 (xen) RHSA-2015:1002 2015-05-13
Red Hat Enterprise Linux 5 (xen) RHSA-2015:1002 2015-05-13
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 (qemu-kvm-rhev) RHSA-2015:1004 2015-05-13
Red Hat Enterprise Linux Virtualization 5 (kvm) RHSA-2015:1003 2015-05-13
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 (qemu-kvm-rhev) RHSA-2015:1004 2015-05-13
Red Hat Enterprise Linux OpenStack Platform 4.0 (qemu-kvm-rhev) RHSA-2015:1004 2015-05-13
Red Hat Enterprise Linux Extended Update Support 6.5 (qemu-kvm) RHSA-2015:1031 2015-05-27
Managment Agent for RHEL 7 Hosts RHSA-2015:1011 2015-05-15
RHEV Hypervisor for RHEL-6 (rhev-hypervisor6) RHSA-2015:1011 2015-05-15
Managment Agent for RHEL 7 Hosts (qemu-kvm-rhev) RHSA-2015:1000 2015-05-13
Red Hat Enterprise Linux 6 (qemu-kvm) RHSA-2015:0998 2015-05-13
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 (qemu-kvm-rhev) RHSA-2015:1004 2015-05-13
Red Hat Enterprise Linux 7 (qemu-kvm) RHSA-2015:0999 2015-05-13

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 kvm Affected
RHEV-M for Servers rhev-hypervisor Affected

Acknowledgements

Red Hat would like to thank Jason Geffner of CrowdStrike for reporting this issue.

External References

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.