CVE-2015-5154 - Strifeless Thyristors

Description

Heap-based buffer overflow in the IDE subsystem in QEMU as used in Xen 4.5.x and earlier when the container has a CDROM drive enabled allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

Reference

http://support.citrix.com/article/CTX201593 http://xenbits.xen.org/xsa/advisory-138.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00041.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163658.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163681.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163472.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00042.html https://security.gentoo.org/glsa/201510-02 http://www.securityfocus.com/bid/76048 http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html http://rhn.redhat.com/errata/RHSA-2015-1512.html http://rhn.redhat.com/errata/RHSA-2015-1508.html http://rhn.redhat.com/errata/RHSA-2015-1507.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00017.html https://security.gentoo.org/glsa/201604-03 http://www.securitytracker.com/id/1033074 http://www.debian.org/security/2015/dsa-3348 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html