CVE-2012-3515
published 2012-11-23CVE-2012-3515: Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain…
high7.2CVSS 3.1
AVLACLAuNCCICAC
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | qemu | < qemu 1.1.2+dfsg-1 (bookworm) | qemu 1.1.2+dfsg-1 (bookworm) |
| debian | xen | < qemu 1.1.2+dfsg-1 (bookworm) | qemu 1.1.2+dfsg-1 (bookworm) |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| qemu | qemu | < 1.2.0 | 1.2.0 |
| qemu | qemu | >= 0 < 1.1.2+dfsg-1 | 1.1.2+dfsg-1 |
| qemu | qemu | >= 0 < 1.1.2+dfsg-1 | 1.1.2+dfsg-1 |
| qemu | qemu | >= 0 < 1.1.2+dfsg-1 | 1.1.2+dfsg-1 |
| qemu | qemu | >= 0 < 1.1.2+dfsg-1 | 1.1.2+dfsg-1 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | virtualization | — | — |
| redhat | virtualization | — | — |
CVSS provenance
nvd7.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH