CVE-2015-5225 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Qemu

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122 — Heap-based Buffer Overflow9 documents8 sources

Severity

7.2HIGHNVD

EPSS

0.2%

top 62.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Fedoraproject Fedora Redhat Openstack

Timeline

PublishedNov 6

Latest updateMay 17

Description

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶Debianqemu/qemu< 1:2.4+dfsg-1a+3

▶NVDqemu/qemu2.4.0

▶NVDredhat/openstack5.0, 6.0, 7.0+2

Also affects: Fedora 21, 22, 23

Patches

Patch: lists.gnu.org ↗Patch: lists.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-xf7r-x3p2-rg72: Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2↗2022-05-17

▶

OSV

CVE-2015-5225: Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2↗2015-11-06

▶

CVEList

CVE-2015-5225: Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2↗2015-11-06

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2015-08-27

▶

Red Hat

Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface↗2015-08-22

▶

Debian

CVE-2015-5225: qemu - Buffer overflow in the vnc_refresh_server_surface function in the VNC display dr...↗2015

▶

💬Community

Bugzilla

CVE-2015-5225 Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface↗2015-08-21

▶

Bugzilla

CVE-2015-5225 Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface [fedora-all]↗2015-08-21

▶