CVE-2015-5165

MEDIUM

Description

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html

http://rhn.redhat.com/errata/RHSA-2015-1674.html

http://rhn.redhat.com/errata/RHSA-2015-1683.html

http://rhn.redhat.com/errata/RHSA-2015-1739.html

http://rhn.redhat.com/errata/RHSA-2015-1740.html

http://rhn.redhat.com/errata/RHSA-2015-1793.html

http://rhn.redhat.com/errata/RHSA-2015-1833.html

http://support.citrix.com/article/CTX201717

http://www.debian.org/security/2015/dsa-3348

http://www.debian.org/security/2015/dsa-3349

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.securityfocus.com/bid/76153

http://www.securitytracker.com/id/1033176

http://xenbits.xen.org/xsa/advisory-140.html

Details

Source: MITRE

Published: 2015-08-12

Updated: 2018-10-30

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (35 total)

ID	Name	Product	Family	Severity
117307	RHEL 7 : qemu-kvm-rhev (RHSA-2015:1739)	Nessus	Red Hat Local Security Checks	medium
91316	OracleVM 3.4 : qemu-kvm (OVMSA-2016-0051)	Nessus	OracleVM Local Security Checks	high
91198	Debian DLA-479-1 : xen security update	Nessus	Debian Local Security Checks	medium
88770	F5 Networks BIG-IP : Multiple QEMU vulnerabilities (K63519101)	Nessus	F5 Networks Local Security Checks	high
86909	openSUSE Security Update : xen (openSUSE-2015-750)	Nessus	SuSE Local Security Checks	high
86863	openSUSE Security Update : xen (openSUSE-2015-729)	Nessus	SuSE Local Security Checks	high
86513	CentOS 6 : qemu-kvm (CESA-2015:1833)	Nessus	CentOS Local Security Checks	medium
86512	CentOS 7 : qemu-kvm (CESA-2015:1793)	Nessus	CentOS Local Security Checks	medium
86203	SUSE SLES10 Security Update : Xen (SUSE-SU-2015:1643-1)	Nessus	SuSE Local Security Checks	high
86163	Fedora 21 : xen-4.4.3-3.fc21 (2015-15946)	Nessus	Fedora Local Security Checks	high
86162	Fedora 22 : xen-4.5.1-8.fc22 (2015-15944)	Nessus	Fedora Local Security Checks	high
86101	Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20150922)	Nessus	Scientific Linux Local Security Checks	medium
86098	RHEL 6 : qemu-kvm (RHSA-2015:1833)	Nessus	Red Hat Local Security Checks	medium
86095	Oracle Linux 6 : qemu-kvm (ELSA-2015-1833)	Nessus	Oracle Linux Local Security Checks	medium
86000	RHEL 6 : qemu-kvm-rhev (RHSA-2015:1740)	Nessus	Red Hat Local Security Checks	medium
85981	RHEL 7 : qemu-kvm (RHSA-2015:1793)	Nessus	Red Hat Local Security Checks	medium
85961	Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150915)	Nessus	Scientific Linux Local Security Checks	medium
85959	Oracle Linux 7 : qemu-kvm (ELSA-2015-1793)	Nessus	Oracle Linux Local Security Checks	medium
85792	SUSE SLED11 Security Update : xen (SUSE-SU-2015:1479-2)	Nessus	SuSE Local Security Checks	high
85791	SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1479-1)	Nessus	SuSE Local Security Checks	high
85755	Debian DSA-3349-1 : qemu-kvm - security update	Nessus	Debian Local Security Checks	medium
85754	Debian DSA-3348-1 : qemu - security update	Nessus	Debian Local Security Checks	high
85728	Fedora 23 : xen-4.5.1-6.fc23 (2015-14361)	Nessus	Fedora Local Security Checks	high
85727	Fedora 21 : qemu-2.1.3-9.fc21 (2015-13404)	Nessus	Fedora Local Security Checks	high
85683	Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : qemu, qemu-kvm vulnerabilities (USN-2724-1)	Nessus	Ubuntu Local Security Checks	high
85661	Citrix XenServer QEMU RTL8139 Guest Network Device Information Disclosure (CTX201717)	Nessus	Misc.	medium
85598	SUSE SLES11 Security Update : xen (SUSE-SU-2015:1421-1)	Nessus	SuSE Local Security Checks	high
85592	Fedora 23 : qemu-2.4.0-1.fc23 (2015-13358)	Nessus	Fedora Local Security Checks	high
85575	SUSE SLES11 Security Update : xen (SUSE-SU-2015:1408-1)	Nessus	SuSE Local Security Checks	high
85532	SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1404-1)	Nessus	SuSE Local Security Checks	high
85505	SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:1384-1)	Nessus	SuSE Local Security Checks	high
85486	FreeBSD : qemu, xen-tools -- QEMU leak of uninitialized heap memory in rtl8139 device model (f06f20dc-4347-11e5-93ad-002590263bf5)	Nessus	FreeBSD Local Security Checks	medium
85480	Fedora 22 : qemu-2.3.1-1.fc22 (2015-13402)	Nessus	Fedora Local Security Checks	high
85237	OracleVM 3.2 : xen (OVMSA-2015-0112)	Nessus	OracleVM Local Security Checks	medium
85236	OracleVM 3.3 : xen (OVMSA-2015-0111)	Nessus	OracleVM Local Security Checks	high