CVE-2015-5165

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2015-5165
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html Issue Tracking Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html Issue Tracking Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html Issue Tracking Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html Issue Tracking Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html Issue Tracking Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1674.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1683.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1739.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1740.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1793.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1833.html Issue Tracking Third Party Advisory
http://support.citrix.com/article/CTX201717 Broken Link Third Party Advisory
http://www.debian.org/security/2015/dsa-3348 Third Party Advisory
http://www.debian.org/security/2015/dsa-3349 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html Third Party Advisory
http://www.securityfocus.com/bid/76153 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033176 Third Party Advisory VDB Entry
http://xenbits.xen.org/xsa/advisory-140.html Patch Vendor Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.1_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus_from_rhui:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:o:arista:eos:4.12:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:4.13:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:4.14:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:4.15:*:*:*:*:*:*:*

Configuration 7 (hide)

cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*
History

No history.

Information

Published : 2015-08-12 14:59

Updated : 2024-02-28 15:21

NVD link : CVE-2015-5165

Mitre link : CVE-2015-5165

CVE.ORG link : CVE-2015-5165

JSON object : View

Products Affected

redhat

  • enterprise_linux_for_scientific_computing
  • enterprise_linux_eus_compute_node
  • enterprise_linux_server
  • enterprise_linux_desktop
  • enterprise_linux_for_power_big_endian_eus
  • enterprise_linux_server_eus_from_rhui
  • enterprise_linux_server_from_rhui
  • enterprise_linux_compute_node_eus
  • enterprise_linux_server_tus
  • virtualization
  • enterprise_linux_server_aus
  • enterprise_linux_eus
  • enterprise_linux_for_power_big_endian
  • enterprise_linux_workstation
  • enterprise_linux_server_eus
  • openstack
  • enterprise_linux_server_update_services_for_sap_solutions

suse

  • linux_enterprise_server
  • linux_enterprise_debuginfo

fedoraproject

  • fedora

oracle

  • linux

arista

  • eos

xen

  • xen

debian

  • debian_linux
CWE
CWE-908

Use of Uninitialized Resource


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024