SUSE CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU vulnerabilities (USN-3826-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3826-1 advisory. Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest...

USN-3826-1 qemu vulnerabilities

Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2018-10839 It was discovered that QEMU incorrectly handled the Slirp networking back-en...

Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)

An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory...

UBUNTU-CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...