Main Vulnerability Database Exploits ID:5166 - Exploit for Improper access control in QEMU - CVE-2015-8550

ID:5166 - Exploit for Improper access control in QEMU - CVE-2015-8550

Published: February 23, 2021

Vulnerability identifier: #VU32330

Vulnerability risk: Low

CVE-ID: CVE-2015-8550

CWE-ID: CWE-284

Exploitation vector: Local access

Vulnerable software:
QEMU

Link to public exploit:

https://github.com/bsauce/kernel-exploit-factory

Vulnerability description

The vulnerability allows a local privileged user to execute arbitrary code.

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.

Remediation

Install update from vendor's website.

ID:5166 - Exploit for Improper access control in QEMU - CVE-2015-8550

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human