CVE-2015-5165high
Description
An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.
References
http://xenbits.xen.org/xsa/advisory-140.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/76153
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html
http://support.citrix.com/article/CTX201717
http://rhn.redhat.com/errata/RHSA-2015-1833.html
http://rhn.redhat.com/errata/RHSA-2015-1793.html
http://rhn.redhat.com/errata/RHSA-2015-1740.html
http://rhn.redhat.com/errata/RHSA-2015-1739.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html
http://www.securitytracker.com/id/1033176
http://rhn.redhat.com/errata/RHSA-2015-1683.html
http://rhn.redhat.com/errata/RHSA-2015-1674.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html
http://www.debian.org/security/2015/dsa-3349
http://www.debian.org/security/2015/dsa-3348
https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13
https://access.redhat.com/errata/RHSA-2015:1740
https://access.redhat.com/errata/RHSA-2015:1683
https://bugzilla.redhat.com/show_bug.cgi?id=1248760
https://access.redhat.com/errata/RHSA-2015:1833
https://access.redhat.com/security/cve/CVE-2015-5165
https://access.redhat.com/errata/RHSA-2015:1674
https://access.redhat.com/errata/RHSA-2015:1793