Vulnerability Name:

CVE-2015-4106

Assigned:2015-05-27
Published:2015-06-03
Updated:2017-11-14
Summary:QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-284
References:Source: FEDORA
Type: UNKNOWN
FEDORA-2015-9466

Source: FEDORA
Type: UNKNOWN
FEDORA-2015-9456

Source: FEDORA
Type: UNKNOWN
FEDORA-2015-9965

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:1042

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:1045

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:1156

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:1157

Source: CONFIRM
Type: UNKNOWN
http://support.citrix.com/article/CTX201145

Source: DEBIAN
Type: UNKNOWN
DSA-3284

Source: DEBIAN
Type: UNKNOWN
DSA-3286

Source: BID
Type: UNKNOWN
74949

Source: SECTRACK
Type: UNKNOWN
1032467

Source: UBUNTU
Type: UNKNOWN
USN-2630-1

Source: CONFIRM
Type: VENDOR_ADVISORY
http://xenbits.xen.org/xsa/advisory-131.html

Source: XF
Type: UNKNOWN
xen-cve20154106-priv-esc(103546)

Source: GENTOO
Type: UNKNOWN
GLSA-201604-03

Source: CONFIRM
Type: UNKNOWN
https://support.citrix.com/article/CTX206006

Vulnerable Configuration:Configuration 1:
  • cpe:/a:qemu:qemu:-:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20154106
    V
    CVE-2015-4106
    2017-11-19
    oval:org.cisecurity:def:193
    P
    DSA-3286-1 -- xen -- security update
    2016-02-08
    oval:org.cisecurity:def:231
    P
    DSA-3284-1 -- qemu -- security update
    2016-02-08
    oval:com.ubuntu.precise:def:20154106000
    V
    CVE-2015-4106 on Ubuntu 12.04 LTS (precise) - medium.
    2015-06-03
    oval:com.ubuntu.trusty:def:20154106000
    V
    CVE-2015-4106 on Ubuntu 14.04 LTS (trusty) - medium.
    2015-06-03
    BACK
    qemu qemu -