CVE-2015-8345

Debian Security Advisory 3470-1

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.

El emulador de eepro100 en qemu-kvm de QEMU permite a los usuarios huéspedes locales provocar una denegación de servicio (fallo de la aplicación y bucle infinito) a través de vectores que implican la lista de bloqueo de comandos.

Jason Wang discovered that QEMU incorrectly handled the virtio-net device. A remote attacker could use this issue to cause guest network consumption, resulting in a denial of service. Qinghao Tang and Ling Liu discovered that QEMU incorrectly handled the pcnet driver when used in loopback mode. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Various other issues were also addressed.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-11-25 CVE Reserved
2015-12-03 CVE Published
2024-08-06 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors

CAPEC

References (7)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2015/11/25/11	Mailing List
http://www.securityfocus.com/bid/77985	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html	2020-12-14

URL	Date	SRC
http://www.debian.org/security/2016/dsa-3469	2020-12-14
http://www.debian.org/security/2016/dsa-3470	2020-12-14
http://www.debian.org/security/2016/dsa-3471	2020-12-14
https://security.gentoo.org/glsa/201602-01	2020-12-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Qemu Search vendor "Qemu"		Qemu Search vendor "Qemu" for product "Qemu"				<= 2.4.1 Search vendor "Qemu" for product "Qemu" and version " <= 2.4.1"		-		Affected
Qemu Search vendor "Qemu"		Qemu Search vendor "Qemu" for product "Qemu"				2.5.0 Search vendor "Qemu" for product "Qemu" and version "2.5.0"		rc0		Affected
Qemu Search vendor "Qemu"		Qemu Search vendor "Qemu" for product "Qemu"				2.5.0 Search vendor "Qemu" for product "Qemu" and version "2.5.0"		rc1		Affected
Qemu Search vendor "Qemu"		Qemu Search vendor "Qemu" for product "Qemu"				2.5.0 Search vendor "Qemu" for product "Qemu" and version "2.5.0"		rc2		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected