CVE-2015-8743 — Out-of-bounds Read in Qemu

CWE-125 — Out-of-bounds Read CWE-787 — Out-of-bounds Write10 documents7 sources

Severity

7.1HIGHNVD

OSV6.0

EPSS

0.1%

top 80.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Debian Linux

Timeline

PublishedDec 29

Latest updateMay 13

Description

QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

▶debiandebian/qemu< qemu 1:2.5+dfsg-2 (bookworm)

▶Debianqemu/qemu< 1:2.5+dfsg-2+3

▶Ubuntuqemu/qemu< 2.0.0+dfsg-2ubuntu1.22

▶NVDqemu/qemu2.5.1

Also affects: Debian Linux 7.0, 8.0

Patches

Patch: lists.gnu.org ↗Patch: lists.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-3r2v-v8vm-3g58: QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue↗2022-05-13

▶

OSV

CVE-2015-8743: QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue↗2016-12-29

▶

OSV

qemu, qemu-kvm vulnerabilities↗2016-02-03

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2016-02-03

▶

Red Hat

Qemu: net: ne2000: OOB memory access in ioport r/w functions↗2015-12-30

▶

Debian

CVE-2015-8743: qemu - QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vuln...↗2015

▶

💬Community

Bugzilla

CVE-2015-8743 xen: Qemu: net: ne2000: OOB memory access in ioport r/w functions [fedora-all]↗2015-12-30

▶

Bugzilla

CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w functions [fedora-all]↗2015-12-30

▶

Bugzilla

CVE-2015-8743 Qemu: net: ne2000: OOB memory access in ioport r/w functions↗2015-09-21

▶