CVE-2015-3456

Priority
High
Description
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier
and KVM, allows local guest users to cause a denial of service
(out-of-bounds write and guest crash) or possibly execute arbitrary code
via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or
other unspecified commands, aka VENOM.
References
Notes
 mdeslaur> See https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/VENOM
Assigned-to
mdeslaur
Package
Source: xen (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.1-0ubuntu0.14.04.6)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.11)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (4.3.10-dfsg-1ubuntu5)
More Information

Updated: 2017-08-11 23:53:21 UTC (commit 13081)