CVE-2015-8745
CVE-2015-8745
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c6048f849c7e3f009786df76206e895https://bugzilla.redhat.com/show_bug.cgi?id=1270876https://security.gentoo.org/glsa/201602-01http://www.debian.org/security/2016/dsa-3471http://www.openwall.com/lists/oss-security/2016/01/04/4http://www.openwall.com/lists/oss-security/2016/01/04/7http://www.securityfocus.com/bid/79822http://www.securitytracker.com/id/1034575