CVE-2015-5160
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
| Software | From | Fixed in |
|---|---|---|
| libvirt / libvirt | - | 2.2 |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux | 6.0 | 6.0.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux | 5 | 5.x |
| redhat / enterprise_linux_server_tus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_aus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_aus | 7.4 | 7.4.x |
| redhat / enterprise_linux_server_eus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_eus | 7.4 | 7.4.x |
| redhat / enterprise_linux_server_eus | 7.5 | 7.5.x |
| redhat / enterprise_linux_eus | 7.3 | 7.3.x |
| redhat / enterprise_linux_eus | 7.4 | 7.4.x |
| redhat / enterprise_linux_eus | 7.5 | 7.5.x |
| redhat / virtualization | 3.0 | 3.0.x |
| redhat / enterprise_linux_server_tus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_eus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_aus | 7.6 | 7.6.x |
| redhat / enterprise_linux_eus | 7.6 | 7.6.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime