// For flags

CVE-2015-5278

 

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

La función ne2000_receive en el archivo hw/net/ne2000.c en QEMU versiones anteriores a 2.4.0.1, permite a atacantes causar una denegación de servicio (bucle infinito y bloqueo de instancia) o posiblemente ejecutar código arbitrario mediante vectores relacionados a la recepción de paquetes.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-07-01 CVE Reserved
  • 2015-09-21 CVE Published
  • 2023-10-10 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Qemu
Search vendor "Qemu"
 Qemu
Search vendor "Qemu" for product "Qemu"
 < 2.4.0.1
Search vendor "Qemu" for product "Qemu" and version " < 2.4.0.1"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 21
Search vendor "Fedoraproject" for product "Fedora" and version "21"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 22
Search vendor "Fedoraproject" for product "Fedora" and version "22"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 23
Search vendor "Fedoraproject" for product "Fedora" and version "23"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 14.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 15.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "15.04"
-
Affected
Arista
Search vendor "Arista"
 Eos
Search vendor "Arista" for product "Eos"
 4.12
Search vendor "Arista" for product "Eos" and version "4.12"
-
Affected
Arista
Search vendor "Arista"
 Eos
Search vendor "Arista" for product "Eos"
 4.13
Search vendor "Arista" for product "Eos" and version "4.13"
-
Affected
Arista
Search vendor "Arista"
 Eos
Search vendor "Arista" for product "Eos"
 4.14
Search vendor "Arista" for product "Eos" and version "4.14"
-
Affected
Arista
Search vendor "Arista"
 Eos
Search vendor "Arista" for product "Eos"
 4.15
Search vendor "Arista" for product "Eos" and version "4.15"
-
Affected