What is the severity of CVE-2015-5165?

CVE-2015-5165 has a high severity rating due to its potential to allow remote attackers to read sensitive process heap memory.

How do I fix CVE-2015-5165?

To fix CVE-2015-5165, you should update to the latest version of the affected software that includes the security patch.

Which software is affected by CVE-2015-5165?

CVE-2015-5165 affects certain versions of Xen, Fedora, SUSE Linux, Debian, and various Red Hat products.

Can CVE-2015-5165 be exploited remotely?

Yes, CVE-2015-5165 can be exploited remotely by attackers, posing a significant risk to vulnerable systems.

What are the potential effects of CVE-2015-5165?

The potential effects of CVE-2015-5165 include unauthorized access to sensitive information and process memory leakage.

Vulnerability/
CVE-2015-5165

critical

9.3

CWE

908

12/8/2015

6/8/2024

CVE-2015-5165

First published: Wed Aug 12 2015(Updated: )

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Xen XAPI	<=4.5.0
Xen XAPI	=4.5.1
Red Hat Fedora	=21
Red Hat Fedora	=22
SUSE Linux Enterprise Debuginfo	=11-sp1
SUSE Linux Enterprise Server	=10-sp4
SUSE Linux Enterprise Server	=11-sp1
Debian Linux	=7.0
Debian Linux	=8.0
Red Hat OpenStack for IBM Power	=5.0
Red Hat OpenStack for IBM Power	=6.0
Red Hat Enterprise Virtualization	=3.0
Red Hat Enterprise Linux Compute Node EUS	=7.1
Red Hat Enterprise Linux Compute Node EUS	=7.2
Red Hat Enterprise Linux Compute Node EUS	=7.3
Red Hat Enterprise Linux Compute Node EUS	=7.4
Red Hat Enterprise Linux Compute Node EUS	=7.5
Red Hat Enterprise Linux Compute Node EUS	=7.6
Red Hat Enterprise Linux Compute Node EUS	=7.7
Red Hat Enterprise Linux Desktop	=6.0
Red Hat Enterprise Linux Server EUS	=6.7
Red Hat Enterprise Linux	=6.7
Red Hat Enterprise Linux for Power, big endian	=6.0
Red Hat Enterprise Linux for Power, big endian	=7.0
Red Hat Enterprise Linux for Power, Big Endian EUS	=6.7_ppc64
Red Hat Enterprise Linux for Power, Big Endian EUS	=7.1_ppc64
Red Hat Enterprise Linux for Power, Big Endian EUS	=7.2_ppc64
Red Hat Enterprise Linux for Power, Big Endian EUS	=7.3_ppc64
Red Hat Enterprise Linux for Power, Big Endian EUS	=7.4_ppc64
Red Hat Enterprise Linux for Power, Big Endian EUS	=7.5_ppc64
Red Hat Enterprise Linux for Power, Big Endian EUS	=7.6_ppc64
Red Hat Enterprise Linux for Power, Big Endian EUS	=7.7_ppc64
Red Hat Enterprise Linux for Scientific Computing	=6.0
Red Hat Enterprise Linux for Scientific Computing	=7.0
Red Hat Enterprise Linux Server	=6.0
Red Hat Enterprise Linux Server	=7.0
Red Hat Enterprise Linux Server	=7.3
Red Hat Enterprise Linux Server	=7.4
Red Hat Enterprise Linux Server	=7.6
Red Hat Enterprise Linux Server	=7.7
Red Hat Enterprise Linux Server	=7.1
Red Hat Enterprise Linux Server	=7.2
Red Hat Enterprise Linux Server	=7.3
Red Hat Enterprise Linux Server	=7.4
Red Hat Enterprise Linux Server	=7.5
Red Hat Enterprise Linux Server	=7.6
Red Hat Enterprise Linux Server	=7.7
Red Hat Enterprise Linux Server Supplementary EUS	=6.7
Red Hat Enterprise Linux Server Supplementary EUS	=6.0
Red Hat Enterprise Linux Server Supplementary EUS	=7.0
Red Hat Enterprise Linux Server	=7.3
Red Hat Enterprise Linux Server	=7.6
Red Hat Enterprise Linux Server	=7.7
Red Hat Enterprise Linux Server Update Services for SAP Solutions	=7.2
Red Hat Enterprise Linux Server Update Services for SAP Solutions	=7.3
Red Hat Enterprise Linux Server Update Services for SAP Solutions	=7.4
Red Hat Enterprise Linux Server Update Services for SAP Solutions	=7.6
Red Hat Enterprise Linux Server Update Services for SAP Solutions	=7.7
Red Hat Enterprise Linux Workstation	=6.0
Red Hat Enterprise Linux Workstation	=7.0
Arista EOS	=4.12
Arista EOS	=4.13
Arista EOS	=4.14
Arista EOS	=4.15
Oracle Linux	=7-0

Remedy

http://xenbits.xen.org/xsa/advisory-140.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-5165?
CVE-2015-5165 has a high severity rating due to its potential to allow remote attackers to read sensitive process heap memory.
How do I fix CVE-2015-5165?
To fix CVE-2015-5165, you should update to the latest version of the affected software that includes the security patch.
Which software is affected by CVE-2015-5165?
CVE-2015-5165 affects certain versions of Xen, Fedora, SUSE Linux, Debian, and various Red Hat products.
Can CVE-2015-5165 be exploited remotely?
Yes, CVE-2015-5165 can be exploited remotely by attackers, posing a significant risk to vulnerable systems.
What are the potential effects of CVE-2015-5165?
The potential effects of CVE-2015-5165 include unauthorized access to sensitive information and process memory leakage.

agent/type
agent/references
agent/weakness
agent/severity
agent/remedy
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/xen
canonical/xen xapi
version/xen xapi/4.5.0
version/xen xapi/4.5.1
vendor/fedoraproject
canonical/red hat fedora
version/red hat fedora/21
version/red hat fedora/22
vendor/suse
canonical/suse linux enterprise debuginfo
version/suse linux enterprise debuginfo/11-sp1
canonical/suse linux enterprise server
version/suse linux enterprise server/10-sp4
version/suse linux enterprise server/11-sp1
vendor/debian
canonical/debian linux
version/debian linux/7.0
version/debian linux/8.0
vendor/redhat
canonical/red hat openstack for ibm power
version/red hat openstack for ibm power/5.0
version/red hat openstack for ibm power/6.0
canonical/red hat enterprise virtualization
version/red hat enterprise virtualization/3.0
canonical/red hat enterprise linux compute node eus
version/red hat enterprise linux compute node eus/7.1
version/red hat enterprise linux compute node eus/7.2
version/red hat enterprise linux compute node eus/7.3
version/red hat enterprise linux compute node eus/7.4
version/red hat enterprise linux compute node eus/7.5
version/red hat enterprise linux compute node eus/7.6
version/red hat enterprise linux compute node eus/7.7
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/6.0
canonical/red hat enterprise linux server eus
version/red hat enterprise linux server eus/6.7
canonical/red hat enterprise linux
version/red hat enterprise linux/6.7
canonical/red hat enterprise linux for power, big endian
version/red hat enterprise linux for power, big endian/6.0
version/red hat enterprise linux for power, big endian/7.0
canonical/red hat enterprise linux for power, big endian eus
version/red hat enterprise linux for power, big endian eus/6.7_ppc64
version/red hat enterprise linux for power, big endian eus/7.1_ppc64
version/red hat enterprise linux for power, big endian eus/7.2_ppc64
version/red hat enterprise linux for power, big endian eus/7.3_ppc64
version/red hat enterprise linux for power, big endian eus/7.4_ppc64
version/red hat enterprise linux for power, big endian eus/7.5_ppc64
version/red hat enterprise linux for power, big endian eus/7.6_ppc64
version/red hat enterprise linux for power, big endian eus/7.7_ppc64
canonical/red hat enterprise linux for scientific computing
version/red hat enterprise linux for scientific computing/6.0
version/red hat enterprise linux for scientific computing/7.0
canonical/red hat enterprise linux server
version/red hat enterprise linux server/6.0
version/red hat enterprise linux server/7.0
version/red hat enterprise linux server/7.3
version/red hat enterprise linux server/7.4
version/red hat enterprise linux server/7.6
version/red hat enterprise linux server/7.7
version/red hat enterprise linux server/7.1
version/red hat enterprise linux server/7.2
version/red hat enterprise linux server/7.5
canonical/red hat enterprise linux server supplementary eus
version/red hat enterprise linux server supplementary eus/6.7
version/red hat enterprise linux server supplementary eus/6.0
version/red hat enterprise linux server supplementary eus/7.0
canonical/red hat enterprise linux server update services for sap solutions
version/red hat enterprise linux server update services for sap solutions/7.2
version/red hat enterprise linux server update services for sap solutions/7.3
version/red hat enterprise linux server update services for sap solutions/7.4
version/red hat enterprise linux server update services for sap solutions/7.6
version/red hat enterprise linux server update services for sap solutions/7.7
canonical/red hat enterprise linux workstation
version/red hat enterprise linux workstation/6.0
version/red hat enterprise linux workstation/7.0
vendor/arista
canonical/arista eos
version/arista eos/4.12
version/arista eos/4.13
version/arista eos/4.14
version/arista eos/4.15
vendor/oracle
canonical/oracle linux
version/oracle linux/7-0