Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
13 Feb 2023, 04:34
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." |
02 Feb 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2012-3515 qemu: VT100 emulation vulnerability |
Information
Published : 2012-11-23 20:55
Updated : 2023-12-10 11:16
NVD link : CVE-2012-3515
Mitre link : CVE-2012-3515
CVE.ORG link : CVE-2012-3515
JSON object : View
Products Affected
debian
- debian_linux
suse
- linux_enterprise_desktop
- linux_enterprise_software_development_kit
- linux_enterprise_server
opensuse
- opensuse
redhat
- enterprise_linux
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_desktop
- enterprise_linux_eus
- virtualization
xen
- xen
qemu
- qemu
canonical
- ubuntu_linux
CWE
CWE-20
Improper Input Validation