CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Published: Aug 12, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-5165
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-908

Affected Software
References

Software	From	Fixed in
xen / xen	-	4.5.0.x
xen / xen	4.5.1	4.5.1.x
fedoraproject / fedora	22	22.x
fedoraproject / fedora	21	21.x
suse / linux_enterprise_server	11-sp1	11-sp1.x
suse / linux_enterprise_server	10-sp4	10-sp4.x
suse / linux_enterprise_debuginfo	11-sp1	11-sp1.x
debian / debian_linux	8.0	8.0.x
debian / debian_linux	7.0	7.0.x
redhat / enterprise_linux_for_scientific_computing	6.0	6.0.x
redhat / enterprise_linux_workstation	7.0	7.0.x
redhat / enterprise_linux_for_scientific_computing	7.0	7.0.x
redhat / openstack	5.0	5.0.x
redhat / enterprise_linux_server	7.0	7.0.x
redhat / enterprise_linux_eus	6.7	6.7.x
redhat / enterprise_linux_server_eus	7.2	7.2.x
redhat / enterprise_linux_for_power_big_endian_eus	7.1_ppc64	7.1_ppc64.x
redhat / enterprise_linux_server_eus	7.1	7.1.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_for_power_big_endian	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
redhat / enterprise_linux_server_tus	7.3	7.3.x
redhat / enterprise_linux_compute_node_eus	7.1	7.1.x
redhat / enterprise_linux_for_power_big_endian	7.0	7.0.x
redhat / openstack	6.0	6.0.x
redhat / enterprise_linux_server_aus	7.3	7.3.x
redhat / enterprise_linux_server_aus	7.4	7.4.x
redhat / enterprise_linux_server_eus	7.3	7.3.x
redhat / enterprise_linux_server_eus	7.4	7.4.x
redhat / enterprise_linux_server_eus	7.5	7.5.x
redhat / virtualization	3.0	3.0.x
redhat / enterprise_linux_server_tus	7.6	7.6.x
redhat / enterprise_linux_server_eus	7.6	7.6.x
redhat / enterprise_linux_server_aus	7.6	7.6.x
redhat / enterprise_linux_server_eus	7.7	7.7.x
redhat / enterprise_linux_server_aus	7.7	7.7.x
redhat / enterprise_linux_server_tus	7.7	7.7.x
redhat / enterprise_linux_server_update_services_for_sap_solutions	7.6	7.6.x
redhat / enterprise_linux_server_update_services_for_sap_solutions	7.7	7.7.x
redhat / enterprise_linux_server_update_services_for_sap_solutions	7.4	7.4.x
redhat / enterprise_linux_server_update_services_for_sap_solutions	7.3	7.3.x
redhat / enterprise_linux_for_power_big_endian_eus	7.2_ppc64	7.2_ppc64.x
redhat / enterprise_linux_compute_node_eus	7.2	7.2.x
redhat / enterprise_linux_compute_node_eus	7.3	7.3.x
redhat / enterprise_linux_compute_node_eus	7.4	7.4.x
redhat / enterprise_linux_compute_node_eus	7.5	7.5.x
redhat / enterprise_linux_compute_node_eus	7.6	7.6.x
redhat / enterprise_linux_compute_node_eus	7.7	7.7.x
redhat / enterprise_linux_server_update_services_for_sap_solutions	7.2	7.2.x
redhat / enterprise_linux_for_power_big_endian_eus	7.3_ppc64	7.3_ppc64.x
redhat / enterprise_linux_for_power_big_endian_eus	7.4_ppc64	7.4_ppc64.x
redhat / enterprise_linux_for_power_big_endian_eus	7.5_ppc64	7.5_ppc64.x
redhat / enterprise_linux_for_power_big_endian_eus	7.6_ppc64	7.6_ppc64.x
redhat / enterprise_linux_for_power_big_endian_eus	7.7_ppc64	7.7_ppc64.x
redhat / enterprise_linux_server_eus_from_rhui	6.7	6.7.x
redhat / enterprise_linux_server_from_rhui	7.0	7.0.x
redhat / enterprise_linux_for_power_big_endian_eus	6.7_ppc64	6.7_ppc64.x
redhat / enterprise_linux_eus_compute_node	6.7	6.7.x
redhat / enterprise_linux_server_from_rhui	6.0	6.0.x
arista / eos	4.15	4.15.x
arista / eos	4.14	4.14.x
arista / eos	4.13	4.13.x
arista / eos	4.12	4.12.x
oracle / linux	7	7.x

Vulnerability Database

CVE-2015-5165

Deep Security Visibility Without the Complexity