CVE - CVE-2015-3456

CVE-ID
CVE-2015-3456	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
EXPLOIT-DB:37053 URL:https://www.exploit-db.com/exploits/37053/ MISC:http://venom.crowdstrike.com/ CONFIRM:http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c CONFIRM:http://xenbits.xen.org/xsa/advisory-133.html CONFIRM:https://access.redhat.com/articles/1444903 CONFIRM:https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ CONFIRM:https://www.suse.com/security/cve/CVE-2015-3456.html CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10118 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html CONFIRM:https://support.lenovo.com/us/en/product_security/venom CONFIRM:http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693 CONFIRM:http://support.citrix.com/article/CTX201078 CONFIRM:https://bto.bluecoat.com/security-advisory/sa95 CONFIRM:http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability CONFIRM:https://kb.juniper.net/JSA10783 DEBIAN:DSA-3274 URL:http://www.debian.org/security/2015/dsa-3274 DEBIAN:DSA-3259 URL:http://www.debian.org/security/2015/dsa-3259 DEBIAN:DSA-3262 URL:http://www.debian.org/security/2015/dsa-3262 FEDORA:FEDORA-2015-8249 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html GENTOO:GLSA-201602-01 URL:https://security.gentoo.org/glsa/201602-01 GENTOO:GLSA-201604-03 URL:https://security.gentoo.org/glsa/201604-03 GENTOO:GLSA-201612-27 URL:https://security.gentoo.org/glsa/201612-27 HP:HPSBMU03336 URL:http://marc.info/?l=bugtraq&m=143229451215900&w=2 HP:SSRT102076 URL:http://marc.info/?l=bugtraq&m=143229451215900&w=2 HP:HPSBMU03349 URL:http://marc.info/?l=bugtraq&m=143387998230996&w=2 REDHAT:RHSA-2015:0998 URL:http://rhn.redhat.com/errata/RHSA-2015-0998.html REDHAT:RHSA-2015:0999 URL:http://rhn.redhat.com/errata/RHSA-2015-0999.html REDHAT:RHSA-2015:1000 URL:http://rhn.redhat.com/errata/RHSA-2015-1000.html REDHAT:RHSA-2015:1001 URL:http://rhn.redhat.com/errata/RHSA-2015-1001.html REDHAT:RHSA-2015:1002 URL:http://rhn.redhat.com/errata/RHSA-2015-1002.html REDHAT:RHSA-2015:1003 URL:http://rhn.redhat.com/errata/RHSA-2015-1003.html REDHAT:RHSA-2015:1004 URL:http://rhn.redhat.com/errata/RHSA-2015-1004.html REDHAT:RHSA-2015:1011 URL:http://rhn.redhat.com/errata/RHSA-2015-1011.html SUSE:SUSE-SU-2015:0927 URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html SUSE:SUSE-SU-2015:0929 URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html SUSE:SUSE-SU-2015:0896 URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html SUSE:openSUSE-SU-2015:1400 URL:http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html SUSE:openSUSE-SU-2015:0983 URL:http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html SUSE:SUSE-SU-2015:0889 URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html SUSE:openSUSE-SU-2015:0893 URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html SUSE:openSUSE-SU-2015:0894 URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html SUSE:SUSE-SU-2015:0923 URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html UBUNTU:USN-2608-1 URL:http://www.ubuntu.com/usn/USN-2608-1 BID:74640 URL:http://www.securityfocus.com/bid/74640 SECTRACK:1032306 URL:http://www.securitytracker.com/id/1032306 SECTRACK:1032311 URL:http://www.securitytracker.com/id/1032311 SECTRACK:1032917 URL:http://www.securitytracker.com/id/1032917
Assigning CNA
N/A
Date Entry Created
20150429	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20150429)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org