CVE-2015-3214: The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might…

medium6.9CVSS 3.1

AVLACMAuNCCICAC

EXPLOIT

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.

Affected

63 ranges· showing 25

Vendor	Product	Version range	Fixed in
arista	eos	—	—
arista	eos	—	—
arista	eos	—	—
arista	eos	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	linux	< qemu 1:2.4+dfsg-1a (bookworm)	qemu 1:2.4+dfsg-1a (bookworm)
debian	qemu	< qemu 1:2.4+dfsg-1a (bookworm)	qemu 1:2.4+dfsg-1a (bookworm)
debian	xen	< qemu 1:2.4+dfsg-1a (bookworm)	qemu 1:2.4+dfsg-1a (bookworm)
lenovo	emc_px12-400r_ivx	< 1.0.10.33264	1.0.10.33264
lenovo	emc_px12-450r_ivx	< 1.0.10.33264	1.0.10.33264
linux	linux_kernel	<= 2.6.32	—
qemu	qemu	<= 2.3.0	—
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 2.0.0+dfsg-2ubuntu1.15	2.0.0+dfsg-2ubuntu1.15
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—

CVSS provenance

nvd6.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C

osv6.9MEDIUM