OVAL Reference oval:com.ubuntu.precise:def:20155154000

Oval Definition:

oval:com.ubuntu.precise:def:20155154000

Revision Date:	2015-08-12	Version:	1
Title:	CVE-2015-5154 on Ubuntu 12.04 LTS (precise) - medium.
Description:	Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2015-5154
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'qemu-kvm' package in precise is not affected (note: '1.0+noroms-0ubuntu14.23'). OR The 'xen' package in precise was vulnerable but has been fixed (note: '4.1.6.1-0ubuntu0.12.04.6').