The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
13 Feb 2023, 00:50
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. |
02 Feb 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
Summary | An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory. | |
References |
|
11 Feb 2022, 14:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat enterprise Linux Compute Node Eus
Debian debian Linux Redhat enterprise Linux Desktop Redhat enterprise Linux Server Oracle Redhat enterprise Linux Eus Redhat enterprise Linux Server Tus Redhat enterprise Linux Server Aus Suse linux Enterprise Debuginfo Arista Suse linux Enterprise Server Redhat enterprise Linux Server Eus From Rhui Redhat openstack Arista eos Redhat enterprise Linux For Scientific Computing Redhat enterprise Linux For Power Big Endian Redhat enterprise Linux Server Update Services For Sap Solutions Redhat enterprise Linux For Power Big Endian Eus Suse Debian Oracle linux Redhat virtualization Redhat enterprise Linux Workstation Redhat enterprise Linux Server From Rhui Redhat enterprise Linux Eus Compute Node Redhat enterprise Linux Server Eus Redhat |
|
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1833.html - Issue Tracking, Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/76153 - Third Party Advisory, VDB Entry | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1793.html - Issue Tracking, Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1674.html - Issue Tracking, Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1740.html - Issue Tracking, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html - Issue Tracking, Mailing List, Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1683.html - Issue Tracking, Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html - Issue Tracking, Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html - Issue Tracking, Mailing List, Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2015/dsa-3348 - Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html - Issue Tracking, Mailing List, Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2015/dsa-3349 - Third Party Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id/1033176 - Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://support.citrix.com/article/CTX201717 - Broken Link, Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html - Issue Tracking, Mailing List, Third Party Advisory | |
References | (MISC) https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13 - Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2015-1739.html - Issue Tracking, Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : unknown |
CPE | cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.4:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* cpe:2.3:o:arista:eos:4.13:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:6.7:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.3:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp1:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:* cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:* cpe:2.3:o:arista:eos:4.12:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* cpe:2.3:o:arista:eos:4.14:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.3:*:*:*:*:*:*:* cpe:2.3:o:arista:eos:4.15:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.1_ppc64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_eus_from_rhui:6.7:*:*:*:*:*:*:* |
|
CWE | CWE-908 |
26 Jan 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2015-08-12 14:59
Updated : 2023-12-10 11:46
NVD link : CVE-2015-5165
Mitre link : CVE-2015-5165
CVE.ORG link : CVE-2015-5165
JSON object : View
Products Affected
redhat
- enterprise_linux_eus_compute_node
- enterprise_linux_for_scientific_computing
- virtualization
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_for_power_big_endian
- enterprise_linux_server_update_services_for_sap_solutions
- enterprise_linux_eus
- enterprise_linux_server_tus
- enterprise_linux_server_eus
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server_eus_from_rhui
- openstack
- enterprise_linux_server_from_rhui
- enterprise_linux_compute_node_eus
- enterprise_linux_for_power_big_endian_eus
fedoraproject
- fedora
xen
- xen
debian
- debian_linux
suse
- linux_enterprise_debuginfo
- linux_enterprise_server
arista
- eos
oracle
- linux
CWE
CWE-908
Use of Uninitialized Resource