SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   QEMU Vendors:   QEMU.org
QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
SecurityTracker Alert ID:  1033074
SecurityTracker URL:  http://securitytracker.com/id/1033074
CVE Reference:   CVE-2015-5154   (Links to External Site)
Date:  Jul 27 2015
Impact:   User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in QEMU. A local user on the guest system can gain elevated privileges on the host system.

A local privileged user on a guest system that has a CDROM drive enabled can issue specially crafted ATAPI commands to trigger a heap overflow in the IDE subsystem to execute arbitrary code on the host systems. The code will run on the host with the privileges of the QEMU process assigned to the guest system.

Kevin Wolf of Red Hat reported this vulnerability.
Impact:   A local privileged user on the guest system can gain elevated privileges on the host system.
Solution:   A proposed patch is available at:

https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05162.html
Vendor URL:  wiki.qemu.org/Main_Page (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 27 2015 (Red Hat Issues Fix) QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Jul 27 2015 (Xen Project Issues Fix for Xen) QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
Xen Project has issued a fix for Xen.
Jul 27 2015 (Red Hat Issues Fix for Red Hat Enterprise Virtualization Hypervisor) QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
Red Hat has issued a fix for Red Hat Enterprise Virtualization.
Jul 28 2015 (CentOS Issues Fix) QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
CentOS has issued a fix for CentOS 7.
Jul 28 2015 (Oracle Issues Fix for Oracle Linux) QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
Oracle has issued a fix for Oracle Linux 7.
Jul 28 2015 (Citrix Issues Fix for Citrix XenServer) QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
Citrix has issued a fix for Citrix XenServer.
Jul 28 2015 (Ubuntu Issues Fix) QEMU IDE Heap Overflow Lets Local Users on a Guest System Gain Elevated Privileges on the Host System
Ubuntu has issued a fix for Ubuntu 14.04 LTS and 15.04.


 Source Message Contents


[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC