CVE-2015-8817
MEDIUM5.5EPSS 0.09%發布日:2016/12/29修改日:2026/4/28
也稱為:DEBIAN-CVE-2015-8817
描述
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.
受影響套件(1)
- Debian/qemufrom 0, < 1:2.4+dfsg-1a
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.5 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |