QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-2152

Back to search

CVE-2015-2152

Published: Mar 18, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support.

VendorProductVersions

n/a

n/a

affected
n/a

References

GLSA-201504-04
vendor-advisory
x_refsource_GENTOO
1031919
vdb-entry
x_refsource_SECTRACK
FEDORA-2015-3944
vendor-advisory
x_refsource_FEDORA
FEDORA-2015-3721
vendor-advisory
x_refsource_FEDORA
73068
vdb-entry
x_refsource_BID
FEDORA-2015-3935
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2015:0732
vendor-advisory
x_refsource_SUSE
1031806
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2015-2152 - Security Vulnerability | QwikSec