Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2015-5165

Published: 12 August 2015

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Priority

Medium

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
trusty
Released (2.0.0+dfsg-2ubuntu1.17)
upstream Needs triage

utopic Ignored
(end of life)
vivid
Released (1:2.2+dfsg-5expubuntu9.4)
precise Does not exist

Patches:
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=39b8e7dcaf04cbdb926b478f825b160d852752b5
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=d6812d60e7932de3cd0f602c0ee63dd3d09f1847
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=e1c120a9c54872f8a538ff9129d928de4e865cbd
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=03247d43c577dfea8181cd40177ad5ba77c8db76
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=c6296ea88df040054ccd781f3945fe103f8c7c17
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=4240be45632db7831129f124bcf53c1223825b0f
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=8357946b15f0a31f73dd691b7da95f29318ed310
qemu-kvm
Launchpad, Ubuntu, Debian
precise
Released (1.0+noroms-0ubuntu14.24)
trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

xen
Launchpad, Ubuntu, Debian
precise
Released (4.1.6.1-0ubuntu0.12.04.6)
trusty
Released (4.4.2-0ubuntu0.14.04.2)
upstream Needs triage

utopic Ignored
(end of life)
vivid Not vulnerable
(code not present)
Binaries built from this source package are in Universe and so are supported by the community.