Vulnerability CVE-2019-15034

Vulnerability Name:

CVE-2019-15034 (CCN-177526)

Assigned:

2019-08-12

Published:

2019-08-12

Updated:

2020-05-28

Summary:

hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.

CVSS v3 Severity:

5.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H)
5.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): High

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-120

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2019-15034

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2020:0468

Source: XF
Type: UNKNOWN
qemu-cve201915034-bo(177526)

Source: CCN
Type: qemu-devel Web site
[Qemu-devel] [PATCH 1/1] display/bochs: fix pcie support

Source: MISC
Type: Mailing List, Patch, Third Party Advisory
https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01959.html

Source: UBUNTU
Type: UNKNOWN
USN-4372-1

Source: DEBIAN
Type: UNKNOWN
DSA-4665

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-15034

Vulnerable Configuration:

Configuration 1:

cpe:/a:qemu:qemu:4.0.0:-:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:qemu:qemu:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:1810	P	Security update for the Linux Kernel (Important)	2022-06-24
oval:org.opensuse.security:def:3164	P	python3-PyYAML-5.4.1-1.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3183	P	python3-sqlparse-0.4.2-3.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3222	P	wpa_supplicant-2.9-4.33.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3237	P	zram-generator-1.1.1~git5.8612dbb-150400.1.9 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3119	P	libzzip-0-13-0.13.69-3.10.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3124	P	mercurial-5.9.1-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3145	P	perl-DBD-mysql-4.046-3.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3172	P	python3-lxml-4.7.1-3.7.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3213	P	u-boot-rpiarm64-2021.10-150400.2.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3234	P	yast2-security-4.4.13-150400.1.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3240	P	buildah-1.23.1-150400.1.17 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3236	P	yubikey-manager-2.1.0-1.10 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3131	P	openslp-2.0.0-6.15.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1811	P	Security update for gimp (Moderate) (in QA)	2022-05-27
oval:org.opensuse.security:def:201915034	V	CVE-2019-15034	2022-05-22
oval:org.opensuse.security:def:1802	P	Security update for pidgin (Important)	2022-05-16
oval:org.opensuse.security:def:1800	P	Security update for libwmf (Important)	2022-05-04
oval:org.opensuse.security:def:1652	P	Security update for apache2 (Important)	2022-03-29
oval:org.opensuse.security:def:1814	P	Security update for MozillaThunderbird (Important)	2022-02-23
oval:org.opensuse.security:def:1805	P	Security update for the Linux Kernel (Important)	2022-01-26
oval:org.opensuse.security:def:94239	P	(Important)	2022-01-25
oval:org.opensuse.security:def:1801	P	Security update for zxing-cpp (Important)	2022-01-24
oval:org.opensuse.security:def:64611	P	Security update for binutils (Moderate)	2021-11-04
oval:org.opensuse.security:def:4226	P	Security update for MozillaFirefox (Important)	2021-10-16
oval:org.opensuse.security:def:68362	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (Important)	2021-10-12
oval:org.opensuse.security:def:74665	P	Security update for git (Low)	2021-10-06
oval:org.opensuse.security:def:69137	P	Security update for qemu (Moderate)	2021-08-27
oval:org.opensuse.security:def:66908	P	Security update for mariadb (Moderate)	2021-08-25
oval:org.opensuse.security:def:4149	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:69523	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:48317	P	syslog-service-2.0-778.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46896	P	autofs-5.0.9-21.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47846	P	pcsc-ccid-1.4.25-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47042	P	libldap-2_4-2-2.4.41-18.25.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48333	P	update-alternatives-1.18.4-14.216 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47208	P	at-3.1.14-7.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:64553	P	Security update for cpio (Important)	2021-08-16
oval:org.opensuse.security:def:47900	P	sysvinit-tools-2.88+-99.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47106	P	mozilla-nspr-32bit-4.12-15.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46980	P	krb5-1.12.5-39.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48318	P	sysstat-12.0.2-10.24.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47137	P	python-libxml2-2.9.4-27.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63502	P	nping-7.70-3.12.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63006	P	gdb-10.1-8.24.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71818	P	g3utils-1.1.37-3.8.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62803	P	libnma0-1.8.24-5.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72758	P	perl-solv-0.7.19-3.20.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100952	P	libpcap-devel-1.9.1-1.33 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62796	P	libmad-devel-0.15.1b-3.16 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72490	P	libXp6-32bit-1.0.3-1.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62828	P	rtkit-0.11+git.20130926-1.34 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62800	P	libmp3lame-devel-3.100-1.33 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:51934	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:4208	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:70264	P	Security update for MozillaFirefox (Important)	2021-07-27
oval:org.opensuse.security:def:46000	P	Security update for microcode_ctl (Important)	2021-06-28
oval:org.opensuse.security:def:64723	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:4133	P	Security update for libopenmpt (Moderate)	2021-06-09
oval:org.opensuse.security:def:46535	P	mipv6d-2.0.2.umip.0.4-19.63 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48651	P	xinetd-2.3.15-7.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:2465	P	libstaroffice-0_0-0-0.0.5-1.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48881	P	pulseaudio-module-bluetooth-5.0-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:66816	P	Security update for qemu (Important)	2021-06-08
oval:org.opensuse.security:def:2469	P	openconnect-7.08-4.26 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46444	P	java-1_7_0-openjdk-1.7.0.6-33.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46682	P	iputils-s20121221-2.19 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48455	P	krb5-appl-clients-1.0.3-1.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48788	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:51900	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:4121	P	Security update for librsvg (Important)	2021-04-28
oval:org.opensuse.security:def:73599	P	Security update for ruby2.5 (Moderate)	2021-04-20
oval:org.opensuse.security:def:51742	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:52009	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:51640	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:51099	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:69034	P	Security update for xen (Moderate)	2020-12-22
oval:org.opensuse.security:def:64451	P	Security update for ceph (Important)	2020-12-21
oval:org.opensuse.security:def:69418	P	Security update for webkit2gtk3 (Important)	2020-12-17
oval:org.opensuse.security:def:63297	P	qemu-audio-oss-3.1.1.1-9.21.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107618	P	qemu-audio-oss-3.1.1.1-9.21.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:1821	P	ocaml-4.05.0-4.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:1826	P	perl-Archive-Extract-0.80-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:1827	P	perl-Config-IniFiles-2.94-1.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2208	P	qemu-audio-oss-3.1.1.1-9.21.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63299	P	rmt-server-2.5.4-1.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71702	P	python3-numpy-1.17.3-4.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:1823	P	openldap2-devel-32bit-2.4.46-9.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49032	P	libqt4-sql-mysql-32bit-4.8.7-8.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72374	P	libXinerama1-32bit-1.1.3-1.22 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4264	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4923	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:4257	P	Security update for the Linux Kernel (Live Patch 4 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4048	P	Security update for xen (Important)	2020-12-02
oval:org.opensuse.security:def:4260	P	Security update for the Linux Kernel (Live Patch 6 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4028	P	Security update for clamav-database (Important)	2020-12-02
oval:org.opensuse.security:def:3878	P	Security update for the Linux Kernel (Moderate)	2020-12-02
oval:org.opensuse.security:def:4036	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:4090	P	Security update for MozillaThunderbird (Important)	2020-12-02
oval:org.opensuse.security:def:3891	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:4902	P	Security update for virt-bootstrap (Moderate)	2020-12-02
oval:org.opensuse.security:def:4250	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:24628	P	Security update for xmltooling (Moderate)	2020-12-01
oval:org.opensuse.security:def:49339	P	syslog-service on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49637	P	gtk2-data on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49500	P	accountsservice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46312	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:24861	P	Security update for python, python-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:50879	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:52261	P	Security update for go1.14 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49784	P	glibc-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51828	P	Security update for webkit2gtk3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:65790	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50142	P	dia on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25059	P	Security update for apache2-mod_auth_openidc (Important)	2020-12-01
oval:org.opensuse.security:def:66095	P	Security update for graphviz (Moderate)	2020-12-01
oval:org.opensuse.security:def:50401	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:63878	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:52323	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50738	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:25732	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50546	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:64343	P	liblcms2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50911	P	Security update for libssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:49636	P	gstreamer-plugins-base-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53285	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50701	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:66187	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:24365	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:45987	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:24572	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:49253	P	libvirt-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51367	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:50039	P	sysstat-isag on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46120	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:24711	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:49404	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73481	P	ant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53354	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:49656	P	libass-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49572	P	libpotrace0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24914	P	Security update for freeradius-server (Important)	2020-12-01
oval:org.opensuse.security:def:70159	P	ctags on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50545	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:49991	P	apache2-mod_nss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65028	P	Security update for shim (Moderate)	2020-12-01
oval:org.opensuse.security:def:24292	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:25001	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:50242	P	libproxy1-config-gnome3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50093	P	qemu-audio-oss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63649	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:72876	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50645	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:45986	P	Security update for libpcap (Important)	2020-12-01
oval:org.opensuse.security:def:64207	P	amavisd-new on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49469	P	libtasn1-6-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50848	P	Security update for bluez (Moderate)	2020-12-01
oval:org.opensuse.security:def:50812	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25697	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:65118	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50568	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:64344	P	libldap-2_4-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50985	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:24302	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:74798	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50936	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:25015	P	Security update for ghostscript (Moderate)	2020-12-01
oval:org.opensuse.security:def:65700	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:24491	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:68465	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:51203	P	Security update for libvpx (Important)	2020-12-01
oval:org.opensuse.security:def:50905	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:110460	P	Security update for qemu (Important)	2020-04-07
oval:org.opensuse.security:def:98740	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:90459	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:104114	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:97424	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:91180	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:104835	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:98145	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:75541	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:91790	P	Security update for qemu (Important)	2020-04-01
oval:org.opensuse.security:def:105430	P	Security update for qemu (Important)	2020-04-01

BACK