Wind River Support Network

HomeDefectsLIN6-10237

Fixed

LIN6-10237 : Security Advisory - qemu - CVE-2015-5154

Created: Aug 16, 2015 Updated: Dec 3, 2018

Resolved Date: Aug 20, 2015

Found In Version: 6.0.0.23

Fix Version: 6.0.0.24

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5154

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38