Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

QEMU Vulnerability Exposes The Host Through Emulated CD-ROM Drive

Written by Michael Larabel in Virtualization on 27 July 2015 at 10:01 AM EDT. 9 Comments

VIRTUALIZATION

Back in May was the big "VENOM" security vulnerability affect QEMU whereby VM security could be escaped through QEMU's virtual floppy disk drive. In June was a PCNET controller buffer overflow allowing a guest to escape to have host access. Today there's a similar security vulnerability going public about its virtual CD-ROM drive.

The new issue, CVE-2015-5154, is about a heap overflow flaw while processing certain ATAPI commands. This flaw in QEMU's IDE subsystem could allow a privileged guest user in a guest with virtual/emulated CDROM drive execute arbitrary code on the host system. Basically if the IDE CDROM device is enabled for the guest, current versions of QEMU could be exploited to run code on the host with privileges the same as the QEMU process.

More details on CVE-2015-5154 via the announcement and there's currently patches for addressing this vulnerability via the QEMU-devel list.

9 Comments

Related News

libvirt 10.0 Released With QEMU VM Migration Improvements

KVM With Linux 6.8 Adds Intel LAM For Guests, More Confidential VMs Work

LoongArch KVM Support Extended To Allow LSX/LASX SIMD Support

QEMU 8.2 Released With New VirtIO-Sound & VirtIO-GPU "Rutabaga" Devices

Cloud Hypervisor 37 LTS Released With Faster VM Restoration From Snapshots

Linux Dealing With x86 32-bit Software Security Issue For Intel TDX & AMD SEV

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Rust-Written Linux Scheduler Showing Promising Results For Gaming Performance

~5 Minutes Of Coding Yields A 6%+ Boost To Linux I/O Performance

Hans Reiser Apologies For Social Mistakes, Comments On ReiserFS Deprecation From Prison

Git Developers Discuss The Possibility Of Beginning To Use Rust Code

Linux 6.8 Merge Window On Hiatus Due To Winter Storm

The Open-Source Community Is Still Maintaining Flash Player Support In 2024

A Fix For The Severe Linux Performance Regression Spotted By Torvalds

Linux Distributions Now Encouraged To Build GTK With Vulkan