FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2015-6855

This CVE name corresponds to:

Entered Topic
2016-01-02 qemu -- denial of service vulnerability in IDE disk/CD/DVD-ROM emulation

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2015-6855 at cve.mitre.org

Details

Type Candidate
Name CVE-2015-6855
Phase Assigned(20150910)

Description

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.

References

Source Reference
MLIST [Qemu-devel] 20150907 [PATCH] ide: fix ATAPI command permissions
MLIST [oss-security] 20150910 CVE request Qemu: ide: divide by zero issue
MLIST [oss-security] 20150910 Re: CVE request Qemu: ide: divide by zero issue
DEBIAN DSA-3361
DEBIAN DSA-3362
FEDORA FEDORA-2015-16368
FEDORA FEDORA-2015-16369
FEDORA FEDORA-2015-16370
FEDORA FEDORA-2015-4896530727
FEDORA FEDORA-2015-8dc71ade88
FEDORA FEDORA-2015-d6ea74993a
SUSE SUSE-SU-2015:1782
UBUNTU USN-2745-1
BID 76691

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.