Red Hat, Inc. (AV:A/AC:L/Au:N/C:P/I:N/A:N)

An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

https://access.redhat.com/errata/RHSA-2015:1674 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1683 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1718 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1739 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1740 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1793 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1833 [No Types Assigned]

https://access.redhat.com/security/cve/CVE-2015-5165 [No Types Assigned]

https://bugzilla.redhat.com/show_bug.cgi?id=1248760 [No Types Assigned]

Red Hat, Inc. (AV:A/AC:L/Au:N/C:P/I:N/A:N)

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.

https://access.redhat.com/errata/RHSA-2015:1674 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1683 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1718 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1739 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1740 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1793 [No Types Assigned]

https://access.redhat.com/errata/RHSA-2015:1833 [No Types Assigned]

https://access.redhat.com/security/cve/CVE-2015-5165 [No Types Assigned]

https://bugzilla.redhat.com/show_bug.cgi?id=1248760 [No Types Assigned]

OR
     *cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
     *cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.1:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.2:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.3:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.4:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux

OR
     *cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp1:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*

OR
     *cpe:2.3:o:arista:eos:4.12:*:*:*:*:*:*:*
     *cpe:2.3:o:arista:eos:4.13:*:*:*:*:*:*:*
     *cpe:2.3:o:arista:eos:4.14:*:*:*:*:*:*:*
     *cpe:2.3:o:arista:eos:4.15:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*

NIST (AV:N/AC:M/Au:N/C:C/I:C/A:C)

NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N)

NIST CWE-908

NIST CWE-200

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html No Types Assigned

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html Issue Tracking, Mailing List, Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html No Types Assigned

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html Issue Tracking, Mailing List, Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html No Types Assigned

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html Issue Tracking, Mailing List, Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html Issue Tracking, Mailing List, Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html Issue Tracking, Mailing List, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1674.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1674.html Issue Tracking, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1683.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1683.html Issue Tracking, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1739.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1739.html Issue Tracking, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1740.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1740.html Issue Tracking, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1793.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1793.html Issue Tracking, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1833.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1833.html Issue Tracking, Third Party Advisory

http://support.citrix.com/article/CTX201717 No Types Assigned

http://support.citrix.com/article/CTX201717 Broken Link, Third Party Advisory

http://www.debian.org/security/2015/dsa-3348 No Types Assigned

http://www.debian.org/security/2015/dsa-3348 Third Party Advisory

http://www.debian.org/security/2015/dsa-3349 No Types Assigned

http://www.debian.org/security/2015/dsa-3349 Third Party Advisory

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html No Types Assigned

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html Third Party Advisory

http://www.securityfocus.com/bid/76153 No Types Assigned

http://www.securityfocus.com/bid/76153 Third Party Advisory, VDB Entry

http://www.securitytracker.com/id/1033176 No Types Assigned

http://www.securitytracker.com/id/1033176 Third Party Advisory, VDB Entry

https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13 No Types Assigned

https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13 Third Party Advisory

https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13 [No Types Assigned]

OR
     *cpe:2.3:a:xen:xen:4.5.1:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:xen:xen:*:*:*:*:*:*:*:* versions from (including) 4.5.0

OR
     *cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* versions from (including) 4.5.0

http://www.debian.org/security/2015/dsa-3348 [No Types Assigned]

http://www.debian.org/security/2015/dsa-3349 [No Types Assigned]

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html [No Types Assigned]

http://rhn.redhat.com/errata/RHSA-2015-1674.html [No Types Assigned]

http://rhn.redhat.com/errata/RHSA-2015-1683.html [No Types Assigned]

http://www.securitytracker.com/id/1033176 [No Types Assigned]

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html [No Types Assigned]

http://rhn.redhat.com/errata/RHSA-2015-1739.html [No Types Assigned]

http://rhn.redhat.com/errata/RHSA-2015-1740.html [No Types Assigned]

http://rhn.redhat.com/errata/RHSA-2015-1793.html [No Types Assigned]

http://rhn.redhat.com/errata/RHSA-2015-1833.html [No Types Assigned]

http://support.citrix.com/article/CTX201717 [No Types Assigned]

http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html [No Types Assigned]

http://www.securityfocus.com/bid/76153 [No Types Assigned]

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Configuration 1
     OR
          *cpe:2.3:a:xen:xen:4.5.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:xen:xen:4.5.1:*:*:*:*:*:*:*

Configuration 1
     OR
          *cpe:2.3:a:xen:xen:4.5.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:xen:xen:4.5.1:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
          *cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html

Vulnerabilidad en la emulación de modo offload C+ en el modelo de tarjeta de red del dispositivo RTL8139 en QEMU, tal y como se utiliza en Xen 4.5.x y versiones anteriores, permite a atacantes remotos leer la memoria dinámica del proceso a través de vectores no especificados.

Vulnerabilidad en la emulación de modo C+ offload en el modelo de tarjeta de red del dispositivo RTL8139 en QEMU, usado en Xen 4.5.x y versiones anteriores, permite a atacantes remotos leer la memoria dinámica del proceso a través de vectores no especificados.

Configuration 1
     OR
          *cpe:2.3:a:xen:xen:4.5.0:*:*:*:*:*:*:* (and previous)
          *cpe:2.3:a:xen:xen:4.5.1:*:*:*:*:*:*:*

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

CWE-200

http://xenbits.xen.org/xsa/advisory-140.html No Types Assigned

http://xenbits.xen.org/xsa/advisory-140.html Advisory, Patch