CVE-2015-4037

LOW

Description

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160058.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160414.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html

http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html

http://www.debian.org/security/2015/dsa-3284

http://www.debian.org/security/2015/dsa-3285

http://www.openwall.com/lists/oss-security/2015/05/13/7

http://www.openwall.com/lists/oss-security/2015/05/16/5

http://www.openwall.com/lists/oss-security/2015/05/23/4

http://www.securityfocus.com/bid/74809

http://www.securitytracker.com/id/1032547

http://www.ubuntu.com/usn/USN-2630-1

https://bugzilla.redhat.com/show_bug.cgi?id=1222892

Details

Source: MITRE

Published: 2015-08-26

Updated: 2016-12-24

Type: CWE-17

Risk Information

CVSS v2.0

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* versions up to 2.3.0 (inclusive)

Tenable Plugins

View all (18 total)

IDNameProductFamilySeverity
135559EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430)NessusHuawei Local Security Checks
critical
131585EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2019-2431)NessusHuawei Local Security Checks
high
130689EulerOS 2.0 SP5 : qemu-kvm (EulerOS-SA-2019-2227)NessusHuawei Local Security Checks
critical
89723SUSE SLES10 Security Update : Xen (SUSE-SU-2016:0658-1)NessusSuSE Local Security Checks
high
86961openSUSE Security Update : xen (openSUSE-2015-730)NessusSuSE Local Security Checks
high
86909openSUSE Security Update : xen (openSUSE-2015-750)NessusSuSE Local Security Checks
high
86865SUSE SLES11 Security Update : xen (SUSE-SU-2015:1952-1)NessusSuSE Local Security Checks
high
86863openSUSE Security Update : xen (openSUSE-2015-729)NessusSuSE Local Security Checks
high
86756SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:1908-1)NessusSuSE Local Security Checks
high
86753SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1894-1)NessusSuSE Local Security Checks
high
86704SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1853-1)NessusSuSE Local Security Checks
high
85902SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2015:1519-1)NessusSuSE Local Security Checks
high
84443SUSE SLED11 / SLES11 Security Update : KVM (SUSE-SU-2015:1152-1)NessusSuSE Local Security Checks
high
84307Fedora 21 : qemu-2.1.3-8.fc21 (2015-9599)NessusFedora Local Security Checks
low
84168Debian DSA-3285-1 : qemu-kvm - security updateNessusDebian Local Security Checks
high
84167Debian DSA-3284-1 : qemu - security updateNessusDebian Local Security Checks
high
84131Fedora 22 : qemu-2.3.0-5.fc22 (2015-9601)NessusFedora Local Security Checks
low
84118Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : qemu, qemu-kvm vulnerabilities (USN-2630-1)NessusUbuntu Local Security Checks
high