CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

References

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html
http://rhn.redhat.com/errata/RHSA-2015-1674.html
http://rhn.redhat.com/errata/RHSA-2015-1683.html
http://rhn.redhat.com/errata/RHSA-2015-1739.html
http://rhn.redhat.com/errata/RHSA-2015-1740.html
http://rhn.redhat.com/errata/RHSA-2015-1793.html
http://rhn.redhat.com/errata/RHSA-2015-1833.html
http://support.citrix.com/article/CTX201717
http://www.debian.org/security/2015/dsa-3348
http://www.debian.org/security/2015/dsa-3349
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/76153
http://www.securitytracker.com/id/1033176
http://xenbits.xen.org/xsa/advisory-140.html
https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13

CVE-2015-5165

Affected packages