CVE-2015-5165 Information

Description

The C+ mode offload emulation in the RTL8139 network card device model in QEMU as used in Xen 4.5.x and earlier allows remote attackers to read process heap memory via unspecified vectors.

Reference

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html http://rhn.redhat.com/errata/RHSA-2015-1674.html http://rhn.redhat.com/errata/RHSA-2015-1683.html http://rhn.redhat.com/errata/RHSA-2015-1739.html http://rhn.redhat.com/errata/RHSA-2015-1740.html http://rhn.redhat.com/errata/RHSA-2015-1793.html http://rhn.redhat.com/errata/RHSA-2015-1833.html http://support.citrix.com/article/CTX201717 http://www.debian.org/security/2015/dsa-3348 http://www.debian.org/security/2015/dsa-3349 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/76153 http://www.securitytracker.com/id/1033176 http://xenbits.xen.org/xsa/advisory-140.html