{"id":"CVE-2015-5745","details":"Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.","modified":"2026-04-16T06:19:40.580215955Z","published":"2020-01-23T20:15:12Z","related":["SUSE-SU-2016:1560-1","SUSE-SU-2016:1698-1","SUSE-SU-2016:1703-1","SUSE-SU-2016:1785-1"],"references":[{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"},{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"},{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2015/08/06/3"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2015/08/06/5"},{"type":"ADVISORY","url":"https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295"},{"type":"ADVISORY","url":"https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html"},{"type":"ADVISORY","url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2015/08/06/3"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2015/08/06/5"},{"type":"ARTICLE","url":"https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2015/08/06/5"},{"type":"FIX","url":"https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295"},{"type":"FIX","url":"https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}