CVE-2015-8556 - Vulnerability Details - OpenCVE

Description

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.

Published: 2017-03-24

Score: 10.0 Critical

EPSS: 21.2% Moderate

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.21208.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html
https://nvd.nist.gov/vuln/detail/CVE-2015-8556
https://security.gentoo.org/glsa/201602-01
https://www.cve.org/CVERecord?id=CVE-2015-8556
https://www.exploit-db.com/exploits/39010/

History

No history.

Subscriptions

Qemu Qemu

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-03-24T14:00:00.000Z

Updated: 2024-08-06T08:20:43.447Z

Reserved: 2015-12-14T00:00:00.000Z

Link: CVE-2015-8556

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-03-24T14:59:00.147

Modified: 2026-05-13T00:24:29.033

Link: CVE-2015-8556

Redhat

Severity : Important

Publid Date: 2015-12-14T00:00:00Z

Links: CVE-2015-8556 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-04T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-03-24T13:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "39010", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/39010/"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html"}, {"name": "GLSA-201602-01", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201602-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8556", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "39010", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39010/"}, {"name": "http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html"}, {"name": "GLSA-201602-01", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201602-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:20:43.447Z"}, "title": "CVE Program Container", "references": [{"name": "39010", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/39010/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html"}, {"name": "GLSA-201602-01", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201602-01"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8556", "datePublished": "2017-03-24T14:00:00.000Z", "dateReserved": "2015-12-14T00:00:00.000Z", "dateUpdated": "2024-08-06T08:20:43.447Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CDD0AC9-F6E4-47B3-A0E9-C1E7D7F8837F", "versionEndIncluding": "2.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1."}, {"lang": "es", "value": "Vulnerabilidad de escalada de privilegios locales en el paquete Gentoo QEMU en versiones anteriores a 2.5.0-r1."}], "id": "CVE-2015-8556", "lastModified": "2026-05-13T00:24:29.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-24T14:59:00.147", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://security.gentoo.org/glsa/201602-01"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/39010/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/134948/Gentoo-QEMU-Local-Privilege-Escalation.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://security.gentoo.org/glsa/201602-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/39010/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "Qemu: virtfs: local privilege escalation via virtfs-proxy-helper", "id": "1292211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292211"}, "csaw": false, "cvss": {"cvss_base_score": "6.2", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "status": "draft"}, "cwe": "CWE-250", "details": ["Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.", "A Time of Creation To Time of Usage (TOCTTOU) flaw was discovered in the QEMU emulator built with VirtFS(file system pass-through) support to share folders between host and guest. The flaw occurs if the 'virtfs-proxy-helper' program is installed with SUID permissions or has 'CAP_CHOWN' capability. An unprivileged, local attacker could exploit this flaw to potentially escalate their privileges and gain root access to the system."], "name": "CVE-2015-8556", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kvm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "xen", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openstack:5::el6", "fix_state": "Not affected", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6"}, {"cpe": "cpe:/a:redhat:openstack:5::el7", "fix_state": "Not affected", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7"}, {"cpe": "cpe:/a:redhat:openstack:6", "fix_state": "Not affected", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux OpenStack Platform 6 (Juno)"}, {"cpe": "cpe:/a:redhat:openstack:7", "fix_state": "Not affected", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)"}], "public_date": "2015-12-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-8556\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-8556"], "statement": "This issue does not affect the versions of the kvm and xen packages as shipped with Red Hat Enterprise Linux 5.\nThis issue does not affect the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 6, and the Red Hat Enterprise Linux 6 based versions of qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3.\nThis issue does not affect the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 7.\nThis issue does not affect the Red Hat Enterprise Linux 7 based versions of the qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3.", "threat_severity": "Important"}