Main Vulnerability Database SB2015062604

SB2015062604 - SUSE Linux update for KVM

Published: June 26, 2015

Security Bulletin ID SB2015062604

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2015-3209)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

2) Input validation error (CVE-ID: CVE-2015-4037)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.

Remediation

Install update from vendor's website.

References

https://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html