CVE-2015-3456
CVE-2015-3456
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
Productos afectados
n/a · n/aPoCs públicas encontradas — 4
githubgithub.com/vincentbernat/cve-2015-3456★ 13githubgithub.com/orf53975/poisonfrog★ 0cve_referencewww.exploit-db.com/exploits/37053/no verificadoexploitdbwww.exploit-db.com/exploits/37053no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795fedee2e824chttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.htmlhttp://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html