VDB
DEBIAN-CVE-2015-5225
DEBIAN-CVE-2015-5225
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | qemu | 0, 0, 0 |
| Debian:13 | qemu | 0, 0, 0 |
| Debian:11 | qemu | 0, 0, 0 |
| Debian:12 | qemu | 0, 0, 0 |
Timeline
- Nov 6, 2015 CVE Published
- Apr 28, 2026 CVE Updated