← Voltar para CVEs
CVE-2015-7512
CRITICAL9.0
Descricao
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
Detalhes CVE
Pontuacao CVSS v3.19.0
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeHIGH
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado1/8/2016
Ultima modificacao4/12/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
debian:debian_linuxoracle:linuxqemu:qemuredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_workstationredhat:openstackredhat:virtualization
Fraquezas (CWE)
CWE-120
Referencias
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8b98a2f07175d46c3f7217639bd5e03f(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-2694.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-2695.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2015-2696.html(secalert@redhat.com)
http://www.debian.org/security/2016/dsa-3469(secalert@redhat.com)
http://www.debian.org/security/2016/dsa-3470(secalert@redhat.com)
http://www.debian.org/security/2016/dsa-3471(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2015/11/30/3(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html(secalert@redhat.com)
http://www.securityfocus.com/bid/78230(secalert@redhat.com)
http://www.securitytracker.com/id/1034527(secalert@redhat.com)
https://security.gentoo.org/glsa/201602-01(secalert@redhat.com)
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8b98a2f07175d46c3f7217639bd5e03f(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-2694.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-2695.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-2696.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2016/dsa-3469(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2016/dsa-3470(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2016/dsa-3471(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2015/11/30/3(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/78230(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1034527(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201602-01(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.