CVE-2015-6855 — Divide By Zero in Qemu

CWE-369 — Divide By Zero9 documents9 sources

Severity

7.5HIGHNVD

EPSS

5.8%

top 9.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Canonical Ubuntu Linux Debian Linux +3 more

Timeline

PublishedNov 6

Latest updateMay 13

Description

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶Debianqemu/qemu< 1:2.4+dfsg-2+3

▶NVDqemu/qemu2.4.1

▶NVDsuse/linux_enterprise_server12

▶NVDsuse/linux_enterprise_desktop12

Also affects: Debian Linux 7.0, 8.0, 9.0, Fedora 21, 22, 23, Ubuntu Linux 12.04, 14.04, 15.04

🔴Vulnerability Details

GHSA

GHSA-8gcq-wcj5-xgq6: hw/ide/core↗2022-05-13

▶

CVEList

CVE-2015-6855: hw/ide/core↗2015-11-06

▶

OSV

CVE-2015-6855: hw/ide/core↗2015-11-06

▶

💥Exploits & PoCs

Exploit-DB

Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery↗2015-06-10

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2015-09-24

▶

Red Hat

Qemu: ide: divide by zero issue↗2015-09-09

▶

Debian

CVE-2015-6855: qemu - hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATA...↗2015

▶

💬Community

Bugzilla

CVE-2015-6855 Qemu: ide: divide by zero issue↗2015-09-04

▶