FKIE_CVE-2015-5165

Vulnerability from fkie_nvd - Published: 2015-08-12 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.htmlIssue Tracking, Mailing List, Third Party Advisory
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.htmlIssue Tracking, Mailing List, Third Party Advisory
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.htmlIssue Tracking, Mailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.htmlIssue Tracking, Mailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.htmlIssue Tracking, Mailing List, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1674.htmlIssue Tracking, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1683.htmlIssue Tracking, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1739.htmlIssue Tracking, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1740.htmlIssue Tracking, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1793.htmlIssue Tracking, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1833.htmlIssue Tracking, Third Party Advisory
secalert@redhat.comhttp://support.citrix.com/article/CTX201717Broken Link, Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2015/dsa-3348Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2015/dsa-3349Third Party Advisory
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlThird Party Advisory
secalert@redhat.comhttp://www.securityfocus.com/bid/76153Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.securitytracker.com/id/1033176Third Party Advisory, VDB Entry
secalert@redhat.comhttp://xenbits.xen.org/xsa/advisory-140.htmlPatch, Vendor Advisory
secalert@redhat.comhttps://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.htmlIssue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.htmlIssue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.htmlIssue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.htmlIssue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.htmlIssue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1674.htmlIssue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1683.htmlIssue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1739.htmlIssue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1740.htmlIssue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1793.htmlIssue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1833.htmlIssue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.citrix.com/article/CTX201717Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3348Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3349Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/76153Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033176Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://xenbits.xen.org/xsa/advisory-140.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13Third Party Advisory
Impacted products
Vendor Product Version
xen xen *
xen xen 4.5.1
fedoraproject fedora 21
fedoraproject fedora 22
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 10
suse linux_enterprise_server 11
debian debian_linux 7.0
debian debian_linux 8.0
redhat openstack 5.0
redhat openstack 6.0
redhat virtualization 3.0
redhat enterprise_linux_compute_node_eus 7.1
redhat enterprise_linux_compute_node_eus 7.2
redhat enterprise_linux_compute_node_eus 7.3
redhat enterprise_linux_compute_node_eus 7.4
redhat enterprise_linux_compute_node_eus 7.5
redhat enterprise_linux_compute_node_eus 7.6
redhat enterprise_linux_compute_node_eus 7.7
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_eus 6.7
redhat enterprise_linux_eus_compute_node 6.7
redhat enterprise_linux_for_power_big_endian 6.0
redhat enterprise_linux_for_power_big_endian 7.0
redhat enterprise_linux_for_power_big_endian_eus 6.7_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.1_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.2_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
redhat enterprise_linux_for_scientific_computing 6.0
redhat enterprise_linux_for_scientific_computing 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server_eus 7.1
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_eus 7.7
redhat enterprise_linux_server_eus_from_rhui 6.7
redhat enterprise_linux_server_from_rhui 6.0
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_server_update_services_for_sap_solutions 7.2
redhat enterprise_linux_server_update_services_for_sap_solutions 7.3
redhat enterprise_linux_server_update_services_for_sap_solutions 7.4
redhat enterprise_linux_server_update_services_for_sap_solutions 7.6
redhat enterprise_linux_server_update_services_for_sap_solutions 7.7
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_workstation 7.0
arista eos 4.12
arista eos 4.13
arista eos 4.14
arista eos 4.15
oracle linux 7
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE6592AF-775F-4B8A-8E33-57A1239852E3",
              "versionEndIncluding": "4.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0ED340C-6746-471E-9F2D-19D62D224B7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
              "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "8308AC4F-897E-4E43-9885-DF0762640770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
              "matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*",
              "matchCriteriaId": "67960FB9-13D1-4DEE-8158-31BF31BCBE6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86166F9-BBF0-4650-8CCD-0F9C97104D21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9835B192-FE11-4FB6-B1D8-C47530A46014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F5A4C6-E90F-4B33-8B28-D57FC36E3866",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E542B7-500F-4B9E-B712-886C593525E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9F97AEB-F4DB-4F1F-A69C-5EF8CBBFAFE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0C69E57-48DE-467F-8ADD-B4601CE1611E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "35A9FD70-E9CA-43AF-A453-E41EAB430E7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "742A198F-D40F-4B32-BB9C-C5EF5B09C3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1B57890-04F1-4611-8D17-338B486BAAAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C8B513-76C1-4184-A253-CB32F04A05BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "9835090F-120A-4A53-B4A8-375DD6999167",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.1_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B6ED0AA-CD87-47A5-8E82-C9C7BD14F1AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E5B5F9E-D749-45E5-8538-7CED9620C00C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "188019BF-3700-4B3F-BFA5-553B2B545B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8B2E32-B838-4E51-BAA2-764089D2A684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "4319B943-7B19-468D-A160-5895F7F997A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus_from_rhui:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9211510B-899C-4543-8ADB-42B674752FE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DF5F02-550E-41E0-86A3-862F2785270C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5F8426-5EEB-4013-BE49-8E705DA140B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7E9628-0915-4C49-8929-F5E060A20CBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C450C83-695F-4408-8B4F-0E7D6DDAE345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3707B08D-8A78-48CB-914C-33A753D13FC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arista:eos:4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDF9823-D999-41A4-BB7B-A63C00ACE11B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F7426A-46F7-4BE0-806F-F4598C8B0426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7F71EBA-27AC-464B-8708-4E8971BC75A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arista:eos:4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8705CF80-DEFC-4425-8E23-D98FFD678157",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*",
              "matchCriteriaId": "D1137279-81F0-4F6B-8E91-95590106BADF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en la emulaci\u00f3n de modo offload C+ en el modelo de tarjeta de red del dispositivo RTL8139 en QEMU, tal y como se utiliza en Xen 4.5.x y versiones anteriores, permite a atacantes remotos leer la memoria din\u00e1mica del proceso a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-5165",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-08-12T14:59:24.197",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1674.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1683.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1739.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1740.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1793.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1833.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://support.citrix.com/article/CTX201717"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3348"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3349"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/76153"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033176"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xenbits.xen.org/xsa/advisory-140.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1674.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1683.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1739.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1740.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1793.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1833.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "http://support.citrix.com/article/CTX201717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3348"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/76153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xenbits.xen.org/xsa/advisory-140.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-908"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.