CVE-2015-5239 — MEDIUM (6.5)

Q: What is CVE-2015-5239?

CVE-2015-5239 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

Q: How severe is CVE-2015-5239?

CVE-2015-5239 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-5239?

Check the references section above for vendor advisories and patch information. Affected products include: Qemu Qemu, Fedoraproject Fedora, Canonical Ubuntu Linux, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop.

Vulnerability Description

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qemu	Qemu	< 2.1.0
Fedoraproject	Fedora	21
Canonical	Ubuntu Linux	12.04
Suse	Linux Enterprise Debuginfo	11
Suse	Linux Enterprise Desktop	11
Suse	Linux Enterprise Server	11
Suse	Linux Enterprise Software Development Kit	11
Arista	Eos	4.12

Related Weaknesses (CWE)

CWE-835

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.htMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.htMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.htMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.htmlMailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2015/09/02/7Mailing ListPatchThird Party Advisory
http://www.ubuntu.com/usn/USN-2745-1PatchThird Party Advisory
https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922dPatchThird Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1188-seThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.htMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.htMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.htMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2015-5239?

CVE-2015-5239 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

How severe is CVE-2015-5239?

CVE-2015-5239 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-5239?

Check the references section above for vendor advisories and patch information. Affected products include: Qemu Qemu, Fedoraproject Fedora, Canonical Ubuntu Linux, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop.