CVE-2015-4106
published 2015-06-03CVE-2015-4106: QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain…
medium4.6CVSS 3.1
AVLACLAuNCPIPAP
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
Affected
39 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | qemu | < qemu 1:2.3+dfsg-5 (bookworm) | qemu 1:2.3+dfsg-5 (bookworm) |
| debian | xen | < qemu 1:2.3+dfsg-5 (bookworm) | qemu 1:2.3+dfsg-5 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| qemu | qemu | <= 2.3.1 | — |
| qemu | qemu | >= 0 < 1:2.3+dfsg-5 | 1:2.3+dfsg-5 |
CVSS provenance
nvd4.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH