CVE-2015-3456

Summary

CVE	CVE-2015-3456
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2015-05-13 18:59:00 UTC
Updated	2023-11-07 02:25:00 UTC
Description	The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.

Risk And Classification

Problem Types: CWE-119

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Qemu	Qemu	All	All	All	All
Operating System	Redhat	Enterprise Linux	5	All	All	All
Operating System	Redhat	Enterprise Linux	6.0	All	All	All
Operating System	Redhat	Enterprise Linux	7.0	All	All	All
Operating System	Redhat	Enterprise Linux	5	All	All	All
Operating System	Redhat	Enterprise Linux	6.0	All	All	All
Operating System	Redhat	Enterprise Linux	7.0	All	All	All
Application	Redhat	Enterprise Virtualization	3.0	All	All	All
Application	Redhat	Enterprise Virtualization	3.0	All	All	All
Application	Redhat	Openstack	4.0	All	All	All
Application	Redhat	Openstack	5.0	All	All	All
Application	Redhat	Openstack	6.0	All	All	All
Application	Redhat	Openstack	7.0	All	All	All
Application	Redhat	Openstack	4.0	All	All	All
Application	Redhat	Openstack	5.0	All	All	All
Application	Redhat	Openstack	6.0	All	All	All
Application	Redhat	Openstack	7.0	All	All	All
Operating System	Xen	Xen	4.5.0	All	All	All
Operating System	Xen	Xen	4.5.0	All	All	All

References

Reference	Source	Link	Tags
[security-announce] openSUSE-SU-2015:0983-1: important: Security update	SUSE	lists.opensuse.org
CVE-2015-3456	CONFIRM	www.suse.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Debian -- Security Information -- DSA-3274-1 virtualbox	DEBIAN	www.debian.org
[security-announce] SUSE-SU-2015:0923-1: important: Security update for	SUSE	lists.opensuse.org
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability	BID	www.securityfocus.com
[security-announce] openSUSE-SU-2015:0894-1: important: Security update	SUSE	lists.opensuse.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
McAfee KnowledgeBase - Intel Security - Security Bulletin: Advanced Threat Defense update for Venom vulnerability	CONFIRM	kc.mcafee.com
VENOM, don’t get bitten. \| Red Hat Security	CONFIRM	securityblog.redhat.com
Xen Floppy Disk Controller Emulation Flaw Lets Local Users Gain Elevated Privileges - SecurityTracker	SECTRACK	www.securitytracker.com
Oracle Critical Patch Update - July 2015	CONFIRM	www.oracle.com
2017-04 Security Bulletin: Multiple Vulnerabilities in NorthStar Controller Application before version 2.1.0 Service Pack 1. - Juniper Networks	CONFIRM	kb.juniper.net
git.qemu.org Git - qemu.git/commitdiff		git.qemu.org
Broadcom Support Portal	CONFIRM	bto.bluecoat.com
VENOM: QEMU vulnerability (CVE-2015-3456) - Red Hat Customer Portal	CONFIRM	access.redhat.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
'[security bulletin] HPSBMU03336 rev.1- HP Helion OpenStack affected by VENOM, Denial of Service (DoS' - MARC	HP	marc.info
[SECURITY] Fedora 21 Update: qemu-2.1.3-7.fc21	FEDORA	lists.fedoraproject.org
VirtualBox: Multiple vulnerabilities (GLSA 201612-27) — Gentoo security	GENTOO	security.gentoo.org
openSUSE-SU-2015:1400-1: moderate: Security update for virtualbox	SUSE	lists.opensuse.org
USN-2608-1: QEMU vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
Oracle PeopleSoft Products Lets Local Users Gain Elevated Privileges and Remote Users Partially Access Data and Partially Deny Service - SecurityTracker	SECTRACK	www.securitytracker.com
QEMU Floppy Disk Controller Emulation Flaw Lets Local Users Gain Elevated Privileges - SecurityTracker	SECTRACK	www.securitytracker.com
git.qemu.org Git - qemu.git/commitdiff	CONFIRM	git.qemu.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Arista - Security Advisory 0010	MISC	www.arista.com
[security-announce] SUSE-SU-2015:0927-1: important: Security update for	SUSE	lists.opensuse.org
VENOM Vulnerability	MISC	venom.crowdstrike.com
FortiGuard	CONFIRM	www.fortiguard.com
[security-announce] SUSE-SU-2015:0929-1: important: Security update for	SUSE	lists.opensuse.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Venom - Lenovo Support (US)	CONFIRM	support.lenovo.com
Debian -- Security Information -- DSA-3262-1 xen	DEBIAN	www.debian.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
[security-announce] openSUSE-SU-2015:0893-1: important: Security update	SUSE	lists.opensuse.org
Xen: Multiple vulnerabilities (GLSA 201604-03) — Gentoo Security	GENTOO	security.gentoo.org
Object not found!	SUSE	lists.opensuse.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
'[security bulletin] HPSBMU03349 rev.1- HP Helion CloudSystem, Local Denial of Service (DoS), Arbitra' - MARC	HP	marc.info
XSA-133 - Xen Security Advisories	CONFIRM	xenbits.xen.org
Debian -- Security Information -- DSA-3259-1 qemu	DEBIAN	www.debian.org
Citrix Security Advisory for CVE-2015-3456	CONFIRM	support.citrix.com
Security Advisory - VENOM Vulnerability in Huawei Products - Huawei PSIRT	CONFIRM	www1.huawei.com
[security-announce] SUSE-SU-2015:0889-1: important: Security update for	SUSE	lists.opensuse.org
2015-07 Security Bulletin: Buffer overflow vulnerability in QEMU component of the KVM/QEMU and Xen hypervisors (CVE-2015-3456) aka VENOM - Juniper Networks	CONFIRM	kb.juniper.net
QEMU: Multiple vulnerabilities (GLSA 201602-01) — Gentoo security	GENTOO	security.gentoo.org
QEMU - Floppy Disk Controller (FDC) (PoC)	EXPLOIT-DB	www.exploit-db.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.