CVE-2015-5165: The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap…

critical9.3CVSS 3.1

AVNACMAuNCCICAC

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Affected

76 ranges· showing 25

Vendor	Product	Version range	Fixed in
arista	eos	—	—
arista	eos	—	—
arista	eos	—	—
arista	eos	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	qemu	< qemu 1:2.4+dfsg-1a (bookworm)	qemu 1:2.4+dfsg-1a (bookworm)
debian	xen	< qemu 1:2.4+dfsg-1a (bookworm)	qemu 1:2.4+dfsg-1a (bookworm)
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
oracle	linux	—	—
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 1:2.4+dfsg-1a	1:2.4+dfsg-1a
qemu	qemu	>= 0 < 2.0.0+dfsg-2ubuntu1.17	2.0.0+dfsg-2ubuntu1.17
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_compute_node_eus	—	—
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_eus	—	—

CVSS provenance

nvd9.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C

osv9.3CRITICAL