CVE-2015-5165

Sažetak

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Reference

http://xenbits.xen.org/xsa/advisory-140.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/76153
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html
http://support.citrix.com/article/CTX201717
http://rhn.redhat.com/errata/RHSA-2015-1833.html
http://rhn.redhat.com/errata/RHSA-2015-1793.html
http://rhn.redhat.com/errata/RHSA-2015-1740.html
http://rhn.redhat.com/errata/RHSA-2015-1739.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html
http://www.securitytracker.com/id/1033176
http://rhn.redhat.com/errata/RHSA-2015-1683.html
http://rhn.redhat.com/errata/RHSA-2015-1674.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html
http://www.debian.org/security/2015/dsa-3349
http://www.debian.org/security/2015/dsa-3348
https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

13-02-2023 - 00:50

Objavljeno

12-08-2015 - 14:59