6.9
CVE-2015-3214
- EPSS 1.47%
- Veröffentlicht 31.08.2015 10:59:07
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version <= 2.6.32
Debian ≫ Debian Linux Version7.0
Debian ≫ Debian Linux Version8.0
Lenovo ≫ Emc Px12-400r Ivx Version < 1.0.10.33264
Lenovo ≫ Emc Px12-450r Ivx Version < 1.0.10.33264
Redhat ≫ Virtualization Version3.0
Redhat ≫ Enterprise Linux Compute Node Eus Version7.1
Redhat ≫ Enterprise Linux Compute Node Eus Version7.2
Redhat ≫ Enterprise Linux Compute Node Eus Version7.3
Redhat ≫ Enterprise Linux Compute Node Eus Version7.4
Redhat ≫ Enterprise Linux Compute Node Eus Version7.5
Redhat ≫ Enterprise Linux Compute Node Eus Version7.6
Redhat ≫ Enterprise Linux Compute Node Eus Version7.7
Redhat ≫ Enterprise Linux For Power Big Endian Version7.0
Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.1_ppc64
Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.2_ppc64
Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.3_ppc64
Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.4_ppc64
Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.5_ppc64
Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.6_ppc64
Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.7_ppc64
Redhat ≫ Enterprise Linux For Scientific Computing Version7.0
Redhat ≫ Enterprise Linux Server Version7.0
Redhat ≫ Enterprise Linux Server Aus Version7.3
Redhat ≫ Enterprise Linux Server Aus Version7.4
Redhat ≫ Enterprise Linux Server Aus Version7.6
Redhat ≫ Enterprise Linux Server Aus Version7.7
Redhat ≫ Enterprise Linux Server Eus Version7.1
Redhat ≫ Enterprise Linux Server Eus Version7.2
Redhat ≫ Enterprise Linux Server Eus Version7.3
Redhat ≫ Enterprise Linux Server Eus Version7.4
Redhat ≫ Enterprise Linux Server Eus Version7.5
Redhat ≫ Enterprise Linux Server Eus Version7.6
Redhat ≫ Enterprise Linux Server Eus Version7.7
Redhat ≫ Enterprise Linux Server From Rhui Version7.0
Redhat ≫ Enterprise Linux Server Tus Version7.3
Redhat ≫ Enterprise Linux Server Tus Version7.6
Redhat ≫ Enterprise Linux Server Tus Version7.7
Redhat ≫ Enterprise Linux Workstation Version7.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.47% | 0.801 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.9 | 3.4 | 10 |
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.