Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-3456

CWE-119Buffer Overflow17 documents11 sources
Severity
7.7HIGH
EPSS
32.3%
top 3.16%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
5
Qemu QemuRedhat Enterprise LinuxRedhat Enterprise Virtualization+2 more
Timeline
PublishedMay 13
Latest updateMay 13

Description

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.

CVSS vector

AV:A/AC:L/C:C/I:C/A:CExploitability: 5.1 | Impact: 10.0

Affected Packages7 packages

Debianqemu< 1:2.3+dfsg-3+3
Ubuntuqemu< 2.0.0+dfsg-2ubuntu1.11
NVDqemu/qemu2.3.0
Debianxen< 4.4.0-1+3
NVDxen/xen4.5.0

Also affects: Enterprise Linux 5, 6.0, 7.0

🔴Vulnerability Details

4
GHSA
GHSA-f822-h734-j822: The Floppy Disk Controller (FDC) in QEMU, as used in Xen 42022-05-13
OSV
CVE-2015-3456: The Floppy Disk Controller (FDC) in QEMU, as used in Xen 42015-05-13
CVEList
CVE-2015-3456: The Floppy Disk Controller (FDC) in QEMU, as used in Xen 42015-05-13
OSV
qemu, qemu-kvm vulnerabilities2015-05-13

💥Exploits & PoCs

1
Exploit-DB
QEMU - Floppy Disk Controller (FDC) (PoC)2015-05-18

📋Vendor Advisories

3
Ubuntu
QEMU vulnerabilities2015-05-13
Red Hat
qemu: fdc: out-of-bounds fifo buffer memory access2015-05-13
Debian
CVE-2015-3456: qemu - The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and K...2015

🕵️Threat Intelligence

2
Qualys
Venom Hypervisor Vulnerability | Qualys2015-05-13
Qualys
Venom Hypervisor Vulnerability | Qualys2015-05-13

💬Community

4
Bugzilla
CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access [epel-7]2015-05-15
Bugzilla
CVE-2015-3456 xen: qemu: fdc: out-of-bounds fifo buffer memory access [fedora-all]2015-05-13
Bugzilla
CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access [fedora-all]2015-05-13
Bugzilla
CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access2015-05-05
CVE-2015-3456 (HIGH CVSS 7.7) | The Floppy Disk Controller (FDC) in | cvebase.io