|
|
|||
| Rule General Information |
|---|
| Release Date: | 2015-07-10 | |
| Rule Name: | QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability -1 (CVE-2015-3456) | |
| Severity: | ||
| CVE ID: | ||
| CNNVD ID: | ||
| Rule Protection Details |
|---|
| Description: | The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. | |
| Impact: | An attacker can execute arbitrary code in the context of the vulnerable system. Failed exploit may cause denial-of-service attack. | |
| Affected OS: | Other Unix, FreeBSD, Linux | |
| Reference: | SecurityFocusBID:74640 SecurityTrackerID:1032306 SecurityTrackerID:1032311 ExploitDB:37053 |
|
| Solutions |
|---|
| The vendor has updated advisory on its official website. Please check it for more information. |