CVE-2015-8817

Published: Dec 29, 2016Modified: May 6, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.

Affected (26)

Products: Qemu: Qemu

1 product

Configuration A

26 vulnerable

Vulnerable Software	Affected Versions
Qemu Qemu	Version 1.6.0
Qemu Qemu	Version 1.6.0 rc1
Qemu Qemu	Version 1.6.0 rc2
Qemu Qemu	Version 1.6.0 rc3
Qemu Qemu	Version 1.6.1
Qemu Qemu	Version 1.6.2
Qemu Qemu	Version 1.7.1
Qemu Qemu	Version 2.0.0
Qemu Qemu	Version 2.0.0 rc0
Qemu Qemu	Version 2.0.0 rc1
Qemu Qemu	Version 2.0.0 rc2
Qemu Qemu	Version 2.0.0 rc3
Qemu Qemu	Version 2.0.2
Qemu Qemu	Version 2.1.0
Qemu Qemu	Version 2.1.0 rc0
Qemu Qemu	Version 2.1.0 rc1
Qemu Qemu	Version 2.1.0 rc2
Qemu Qemu	Version 2.1.0 rc3
Qemu Qemu	Version 2.1.0 rc5
Qemu Qemu	Version 2.1.1
Qemu Qemu	Version 2.1.2
Qemu Qemu	Version 2.1.3
Qemu Qemu	Version 2.2.0
Qemu Qemu	Version 2.2.1
Qemu Qemu	Version 2.3.0
Qemu Qemu	Version 2.3.1

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (22)

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=23820dbfc79d1c9dce090b4c555994f2bb6a69b3

Source: secalert@redhat.com

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2016-2670.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2016-2671.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2016-2704.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2016-2705.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2016-2706.html

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2016/03/01/1

Source: secalert@redhat.com

Mailing ListPatch

http://www.openwall.com/lists/oss-security/2016/03/01/10

Source: secalert@redhat.com

Mailing ListPatch

https://bugzilla.redhat.com/show_bug.cgi?id=1300771

Source: secalert@redhat.com

Issue Tracking

https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html

Source: secalert@redhat.com

Mailing List

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=23820dbfc79d1c9dce090b4c555994f2bb6a69b3

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2016-2670.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2016-2671.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2016-2704.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2016-2705.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2016-2706.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2016/03/01/1

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

http://www.openwall.com/lists/oss-security/2016/03/01/10

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://bugzilla.redhat.com/show_bug.cgi?id=1300771

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

Timeline

No history available yet.