Vulnerability Description
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qemu | Qemu | <= 2.3.0 |
| Redhat | Enterprise Virtualization | 3.0 |
| Redhat | Openstack | 4.0 |
| Redhat | Enterprise Linux | 5 |
| Xen | Xen | 4.5.0 |
Related Weaknesses (CWE)
References
- http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=e907746266721f305d67bc0718795
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693
- http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html
- http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html
- http://marc.info/?l=bugtraq&m=143229451215900&w=2
- http://marc.info/?l=bugtraq&m=143387998230996&w=2
- http://rhn.redhat.com/errata/RHSA-2015-0998.html
FAQ
What is CVE-2015-3456?
CVE-2015-3456 is a vulnerability with a CVSS score of 7.7 (HIGH). The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbi...
How severe is CVE-2015-3456?
CVE-2015-3456 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3456?
Check the references section above for vendor advisories and patch information. Affected products include: Qemu Qemu, Redhat Enterprise Virtualization, Redhat Openstack, Redhat Enterprise Linux, Xen Xen.