7.7
CVE-2015-8567
- EPSS 5.56%
- Veröffentlicht 13.04.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version15.10
Debian ≫ Debian Linux Version8.0
Suse ≫ Linux Enterprise Debuginfo Version11 Updatesp4
Suse ≫ Linux Enterprise Desktop Version11 Updatesp4
Suse ≫ Linux Enterprise Desktop Version12 Update-
Suse ≫ Linux Enterprise Desktop Version12 Updatesp1
Suse ≫ Linux Enterprise Server Version11 Updatesp4
Suse ≫ Linux Enterprise Server Version12 Update-
Suse ≫ Linux Enterprise Server Version12 Updatesp1
Suse ≫ Linux Enterprise Software Development Kit Version11 Updatesp4
Suse ≫ Linux Enterprise Software Development Kit Version12 Update-
Suse ≫ Linux Enterprise Software Development Kit Version12 Updatesp1
Fedoraproject ≫ Fedora Version22
Fedoraproject ≫ Fedora Version23
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.56% | 0.918 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.7 | 3.1 | 4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://security.gentoo.org/glsa/201602-01
http://www.debian.org/security/2016/dsa-3471
http://www.openwall.com/lists/oss-security/2015/12/15/10
http://www.securityfocus.com/bid/79721
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176503.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176558.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175967.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176300.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00087.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00058.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00003.html
http://www.ubuntu.com/usn/USN-2891-1