7.7

CVE-2015-8567

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QemuQemu Version <= 2.5.1.1
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version15.10
DebianDebian Linux Version8.0
SuseLinux Enterprise Debuginfo Version11 Updatesp4
OpensuseLeap Version42.1
OpensuseOpensuse Version13.2
SuseLinux Enterprise Desktop Version11 Updatesp4
SuseLinux Enterprise Desktop Version12 Update-
SuseLinux Enterprise Desktop Version12 Updatesp1
SuseLinux Enterprise Server Version11 Updatesp4
SuseLinux Enterprise Server Version12 Update-
SuseLinux Enterprise Server Version12 Updatesp1
FedoraprojectFedora Version22
FedoraprojectFedora Version23
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.56% 0.918
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.7 3.1 4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
nvd@nist.gov 6.8 8 6.9
AV:N/AC:L/Au:S/C:N/I:N/A:C
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://security.gentoo.org/glsa/201602-01
Third Party Advisory
http://www.debian.org/security/2016/dsa-3471
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/12/15/10
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/79721
Third Party Advisory
VDB Entry
Mailing List
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
Patch
Third Party Advisory
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176503.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176558.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175967.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176300.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00010.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00012.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00087.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00002.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00049.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00017.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00058.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00003.html
Third Party Advisory
Mailing List
http://www.ubuntu.com/usn/USN-2891-1
Third Party Advisory