CVE-2015-3214

{"id": "CVE-2015-3214", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-08-31T10:59:07.580", "references": [{"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee73f656a604d5aa9df86a97102e4e462dd79924", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33", "tags": ["Broken Link", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1507.html", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1508.html", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1512.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2015/dsa-3348", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2015/06/25/7", "tags": ["Mailing List"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/75273", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id/1032598", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1229640", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}, {"url": "https://github.com/torvalds/linux/commit/ee73f656a604d5aa9df86a97102e4e462dd79924", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201510-02", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.lenovo.com/product_security/qemu", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://support.lenovo.com/us/en/product_security/qemu", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.exploit-db.com/exploits/37990/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg304138.html", "source": "secalert@redhat.com"}, {"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee73f656a604d5aa9df86a97102e4e462dd79924", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://mirror.linux.org.au/linux/kernel/v2.6/ChangeLog-2.6.33", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1507.html", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1508.html", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1512.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2015/dsa-3348", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2015/06/25/7", "tags": ["Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/75273", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1032598", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1229640", "tags": ["Issue Tracking"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/torvalds/linux/commit/ee73f656a604d5aa9df86a97102e4e462dd79924", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201510-02", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.lenovo.com/product_security/qemu", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.lenovo.com/us/en/product_security/qemu", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/37990/", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg304138.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index."}, {"lang": "es", "value": "Vulnerabilidad en pit_ioport_read en i8254.c en el kernel de Linux en versiones anteriores a 2.6.33 y en QEMU en versiones anteriores a 2.3.1, no distingue entre longitudes de lectura y longitudes de escritura, lo que podr\u00eda permitir a los usuarios invitados del SO ejecutar c\u00f3digo arbitrario en el host del SO desencadenando el uso de un \u00edndice no v\u00e1lido."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABF17A18-4BE8-41B7-B50C-F4A137B3B2F1", "versionEndIncluding": "2.3.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4367A8B9-ABB9-4E4E-9A2A-85719CBE8DAC", "versionEndIncluding": "2.6.32"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arista:eos:4.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDDF9823-D999-41A4-BB7B-A63C00ACE11B"}, {"criteria": "cpe:2.3:o:arista:eos:4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51F7426A-46F7-4BE0-806F-F4598C8B0426"}, {"criteria": "cpe:2.3:o:arista:eos:4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7F71EBA-27AC-464B-8708-4E8971BC75A7"}, {"criteria": "cpe:2.3:o:arista:eos:4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8705CF80-DEFC-4425-8E23-D98FFD678157"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lenovo:emc_px12-400r_ivx:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19E383C6-5DB4-4D42-BC8E-70CEA527FAEF", "versionEndExcluding": "1.0.10.33264"}, {"criteria": "cpe:2.3:o:lenovo:emc_px12-450r_ivx:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "811FD71F-FC60-478B-B257-A7019AE6F88A", "versionEndExcluding": "1.0.10.33264"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3"}, {"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA"}, {"criteria": "cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D86166F9-BBF0-4650-8CCD-0F9C97104D21"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9835B192-FE11-4FB6-B1D8-C47530A46014"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19F5A4C6-E90F-4B33-8B28-D57FC36E3866"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39E542B7-500F-4B9E-B712-886C593525E9"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9F97AEB-F4DB-4F1F-A69C-5EF8CBBFAFE6"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0C69E57-48DE-467F-8ADD-B4601CE1611E"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35A9FD70-E9CA-43AF-A453-E41EAB430E7F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "742A198F-D40F-4B32-BB9C-C5EF5B09C3E7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.1_ppc64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B6ED0AA-CD87-47A5-8E82-C9C7BD14F1AE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E5B5F9E-D749-45E5-8538-7CED9620C00C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55DF5F02-550E-41E0-86A3-862F2785270C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA5F8426-5EEB-4013-BE49-8E705DA140B9"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C7E9628-0915-4C49-8929-F5E060A20CBB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C450C83-695F-4408-8B4F-0E7D6DDAE345"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3707B08D-8A78-48CB-914C-33A753D13FC7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}