CVE-2015-8745

QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.

• CWE-617

• http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c6048f849c7e3f009786df76206e895
• http://www.debian.org/security/2016/dsa-3471Third Party Advisory
• http://www.openwall.com/lists/oss-security/2016/01/04/4Mailing List, Third Party Advisory
• http://www.openwall.com/lists/oss-security/2016/01/04/7Mailing List, Third Party Advisory
• http://www.securityfocus.com/bid/79822Third Party Advisory, VDB Entry
• http://www.securitytracker.com/id/1034575Third Party Advisory, VDB Entry
• https://bugzilla.redhat.com/show_bug.cgi?id=1270876Issue Tracking
• https://security.gentoo.org/glsa/201602-01Third Party Advisory
• http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c6048f849c7e3f009786df76206e895
• http://www.debian.org/security/2016/dsa-3471Third Party Advisory
• http://www.openwall.com/lists/oss-security/2016/01/04/4Mailing List, Third Party Advisory
• http://www.openwall.com/lists/oss-security/2016/01/04/7Mailing List, Third Party Advisory
• http://www.securityfocus.com/bid/79822Third Party Advisory, VDB Entry
• http://www.securitytracker.com/id/1034575Third Party Advisory, VDB Entry
• https://bugzilla.redhat.com/show_bug.cgi?id=1270876Issue Tracking
• https://security.gentoo.org/glsa/201602-01Third Party Advisory

Published

Dec 29, 2016

Last Modified

Jun 17, 2026

Status

Modified