Vulnerability Details CVE-2015-6815
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.3%
CVSS Severity
CVSS v3 Score 3.5
CVSS v2 Score 2.7
References
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html
- http://www.openwall.com/lists/oss-security/2015/09/04/4
- http://www.openwall.com/lists/oss-security/2015/09/05/5
- http://www.ubuntu.com/usn/USN-2745-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1260076
- https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html
- https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html
- https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html
- http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html
- http://www.openwall.com/lists/oss-security/2015/09/04/4
- http://www.openwall.com/lists/oss-security/2015/09/05/5
- http://www.ubuntu.com/usn/USN-2745-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1260076
- https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html
- https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html
- https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14
Products affected by CVE-2015-6815
-
cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0
-
cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0
-
cpe:2.3:a:qemu:qemu:-
-
cpe:2.3:a:qemu:qemu:0.1
-
cpe:2.3:a:qemu:qemu:0.1.0
-
cpe:2.3:a:qemu:qemu:0.1.1
-
cpe:2.3:a:qemu:qemu:0.1.2
-
cpe:2.3:a:qemu:qemu:0.1.3
-
cpe:2.3:a:qemu:qemu:0.1.4
-
cpe:2.3:a:qemu:qemu:0.1.5
-
cpe:2.3:a:qemu:qemu:0.1.6
-
cpe:2.3:a:qemu:qemu:0.10.0
-
cpe:2.3:a:qemu:qemu:0.10.1
-
cpe:2.3:a:qemu:qemu:0.10.2
-
cpe:2.3:a:qemu:qemu:0.10.3
-
cpe:2.3:a:qemu:qemu:0.10.4
-
cpe:2.3:a:qemu:qemu:0.10.5
-
cpe:2.3:a:qemu:qemu:0.10.6
-
cpe:2.3:a:qemu:qemu:0.11.0
-
cpe:2.3:a:qemu:qemu:0.11.0-rc0
-
cpe:2.3:a:qemu:qemu:0.11.0-rc1
-
cpe:2.3:a:qemu:qemu:0.11.0-rc2
-
cpe:2.3:a:qemu:qemu:0.11.1
-
cpe:2.3:a:qemu:qemu:0.12.0
-
cpe:2.3:a:qemu:qemu:0.12.1
-
cpe:2.3:a:qemu:qemu:0.12.2
-
cpe:2.3:a:qemu:qemu:0.12.3
-
cpe:2.3:a:qemu:qemu:0.12.4
-
cpe:2.3:a:qemu:qemu:0.12.5
-
cpe:2.3:a:qemu:qemu:0.13.0
-
cpe:2.3:a:qemu:qemu:0.14.0
-
cpe:2.3:a:qemu:qemu:0.14.1
-
cpe:2.3:a:qemu:qemu:0.15.0
-
cpe:2.3:a:qemu:qemu:0.15.1
-
cpe:2.3:a:qemu:qemu:0.15.2
-
cpe:2.3:a:qemu:qemu:0.2
-
cpe:2.3:a:qemu:qemu:0.2.0
-
cpe:2.3:a:qemu:qemu:0.3
-
cpe:2.3:a:qemu:qemu:0.3.0
-
cpe:2.3:a:qemu:qemu:0.4
-
cpe:2.3:a:qemu:qemu:0.4.0
-
cpe:2.3:a:qemu:qemu:0.4.1
-
cpe:2.3:a:qemu:qemu:0.4.2
-
cpe:2.3:a:qemu:qemu:0.4.3
-
cpe:2.3:a:qemu:qemu:0.4.4
-
cpe:2.3:a:qemu:qemu:0.5.0
-
cpe:2.3:a:qemu:qemu:0.5.1
-
cpe:2.3:a:qemu:qemu:0.5.2
-
cpe:2.3:a:qemu:qemu:0.5.3
-
cpe:2.3:a:qemu:qemu:0.5.4
-
cpe:2.3:a:qemu:qemu:0.5.5
-
cpe:2.3:a:qemu:qemu:0.6.0
-
cpe:2.3:a:qemu:qemu:0.6.1
-
cpe:2.3:a:qemu:qemu:0.7.0
-
cpe:2.3:a:qemu:qemu:0.7.1
-
cpe:2.3:a:qemu:qemu:0.7.2
-
cpe:2.3:a:qemu:qemu:0.8.0
-
cpe:2.3:a:qemu:qemu:0.8.1
-
cpe:2.3:a:qemu:qemu:0.8.2
-
cpe:2.3:a:qemu:qemu:0.9.0
-
cpe:2.3:a:qemu:qemu:0.9.1
-
cpe:2.3:a:qemu:qemu:0.9.1-5
-
cpe:2.3:a:qemu:qemu:1
-
cpe:2.3:a:qemu:qemu:1.0
-
cpe:2.3:a:qemu:qemu:1.0.1
-
cpe:2.3:a:qemu:qemu:1.1
-
cpe:2.3:a:qemu:qemu:1.1.0
-
cpe:2.3:a:qemu:qemu:1.1.1
-
cpe:2.3:a:qemu:qemu:1.1.2
-
cpe:2.3:a:qemu:qemu:1.1.2+dfsg
-
cpe:2.3:a:qemu:qemu:1.2.0
-
cpe:2.3:a:qemu:qemu:1.2.1
-
cpe:2.3:a:qemu:qemu:1.2.2
-
cpe:2.3:a:qemu:qemu:1.3.0
-
cpe:2.3:a:qemu:qemu:1.3.1
-
cpe:2.3:a:qemu:qemu:1.4.0
-
cpe:2.3:a:qemu:qemu:1.4.1
-
cpe:2.3:a:qemu:qemu:1.4.2
-
cpe:2.3:a:qemu:qemu:1.5.0
-
cpe:2.3:a:qemu:qemu:1.5.1
-
cpe:2.3:a:qemu:qemu:1.5.2
-
cpe:2.3:a:qemu:qemu:1.5.3
-
cpe:2.3:a:qemu:qemu:1.6.0
-
cpe:2.3:a:qemu:qemu:1.6.1
-
cpe:2.3:a:qemu:qemu:1.6.2
-
cpe:2.3:a:qemu:qemu:1.7.0
-
cpe:2.3:a:qemu:qemu:1.7.1
-
cpe:2.3:a:qemu:qemu:1.7.2
-
cpe:2.3:a:qemu:qemu:2.0.0
-
cpe:2.3:a:qemu:qemu:2.0.1
-
cpe:2.3:a:qemu:qemu:2.0.2
-
cpe:2.3:a:qemu:qemu:2.1+dfsg
-
cpe:2.3:a:qemu:qemu:2.1.0
-
cpe:2.3:a:qemu:qemu:2.1.1
-
cpe:2.3:a:qemu:qemu:2.1.2
-
cpe:2.3:a:qemu:qemu:2.1.3
-
cpe:2.3:a:qemu:qemu:2.2.0
-
cpe:2.3:a:qemu:qemu:2.2.1
-
cpe:2.3:a:qemu:qemu:2.3.0
-
cpe:2.3:a:qemu:qemu:2.3.1
-
cpe:2.3:a:qemu:qemu:2.4.0
-
cpe:2.3:a:redhat:openstack:5.0
-
cpe:2.3:a:redhat:openstack:6.0
-
cpe:2.3:a:redhat:openstack:7.0
-
cpe:2.3:o:arista:eos:4.12
-
cpe:2.3:o:arista:eos:4.13
-
cpe:2.3:o:arista:eos:4.14
-
cpe:2.3:o:arista:eos:4.15
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:15.04
-
cpe:2.3:o:fedoraproject:fedora:21
-
cpe:2.3:o:fedoraproject:fedora:22
-
cpe:2.3:o:fedoraproject:fedora:23
-
cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11.0
-
cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0
-
cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0
-
cpe:2.3:o:novell:suse_linux_enterprise_server:11.0
-
cpe:2.3:o:novell:suse_linux_enterprise_server:12.0
-
cpe:2.3:o:redhat:enterprise_linux:5.0
-
cpe:2.3:o:redhat:enterprise_linux:6.0
-
cpe:2.3:o:redhat:enterprise_linux:7.0
-
cpe:2.3:o:xen:xen:4.4.3
-
cpe:2.3:o:xen:xen:4.5.1