Buffer overflow in Arista Eos

CVE-2015-3214

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use…

Vulnerability class: Buffer Overflow

EPSS: 0.016 (82.0th percentile) — read the EPSS interpretation.

Affected products

Arista Eos — versions 4.12, 4.13, 4.14
Lenovo Emc_px12-400r_ivx
Lenovo Emc_px12-450r_ivx
Linux Linux_kernel
Qemu
Debian Debian_linux — versions 7.0, 8.0
Redhat Enterprise_linux_compute_node_eus — versions 7.1, 7.2, 7.3
Redhat Enterprise_linux_for_power_big_endian — versions 7.0
Redhat Enterprise_linux_for_power_big_endian_eus — versions 7.1_ppc64, 7.2_ppc64, 7.3_ppc64
Redhat Enterprise_linux_for_scientific_computing — versions 7.0

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
37990 (exploit, Third Party Advisory, VDB Entry, x_refsource_EXPLOIT-DB)
GLSA-201510-02 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Third Party Advisory)
DSA-3348 (vendor-advisory, Third Party Advisory, Issue Tracking, x_refsource_DEBIAN)
RHSA-2015:1508 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory, Issue Tracking)
RHSA-2015:1507 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM, Broken Link, Vendor Advisory)