CVE-2015-5165
Published: 12 August 2015
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
Priority
Status
Package | Release | Status |
---|---|---|
qemu Launchpad, Ubuntu, Debian |
trusty |
Released
(2.0.0+dfsg-2ubuntu1.17)
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Released
(1:2.2+dfsg-5expubuntu9.4)
|
|
precise |
Does not exist
|
|
Patches: upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=39b8e7dcaf04cbdb926b478f825b160d852752b5 upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=d6812d60e7932de3cd0f602c0ee63dd3d09f1847 upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=e1c120a9c54872f8a538ff9129d928de4e865cbd upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=03247d43c577dfea8181cd40177ad5ba77c8db76 upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=c6296ea88df040054ccd781f3945fe103f8c7c17 upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=4240be45632db7831129f124bcf53c1223825b0f upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=8357946b15f0a31f73dd691b7da95f29318ed310 |
||
qemu-kvm Launchpad, Ubuntu, Debian |
precise |
Released
(1.0+noroms-0ubuntu14.24)
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
xen Launchpad, Ubuntu, Debian |
precise |
Released
(4.1.6.1-0ubuntu0.12.04.6)
|
trusty |
Released
(4.4.2-0ubuntu0.14.04.2)
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Not vulnerable
(code not present)
|
|
Binaries built from this source package are in Universe and so are supported by the community. |