Lucene search
Ubuntu.comUB:CVE-2015-5160HistoryAug 20, 2018 - 12:00 a.m.
CVE-2015-5160
2018-08-2000:00:00
ubuntu.com
ubuntu.com
12
0.0004 Low
EPSS
Percentile
5.2%
libvirt before 2.2 includes Ceph credentials on the qemu command line when
using RADOS Block Device (aka RBD), which allows local users to obtain
sensitive information via a process listing.
Bugs
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5160>
- <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796111>
Notes
| Author | Note |
|---|---|
| tyhicks | libvirt and qemu need changes to securely pass passwords between themselves. |
| mdeslaur | libvirt fix required qemu 2.6 we will not be fixing this minor issue in xenial and earlier. |
Related
prion
prion
Design/Logic Flaw
2018-08-20 21:29:00
veracode
veracode
Information Disclosure
2019-01-15 09:13:55
ibm
ibm
Security Bulletin: A vulnerability in libvirt affects PowerKVM
2018-06-18 01:34:53
cve
cve
CVE-2015-5160
2018-08-20 21:29:00
debiancve
debiancve
CVE-2015-5160
2018-08-20 21:29:00
cvelist
cvelist
CVE-2015-5160
2018-08-20 21:00:00
nessus
nessus
RHEL 7 : libvirt (RHSA-2016:2577)
2016-11-04 00:00:00
Scientific Linux Security Update : libvirt on SL7.x x86_64 (20161103)
2016-12-15 00:00:00
CentOS 7 : libvirt (CESA-2016:2577)
2016-11-28 00:00:00
oraclelinux
oraclelinux
libvirt security, bug fix, and enhancement update
2016-11-09 00:00:00
centos
centos
libvirt security update
2016-11-25 15:59:54
openvas
openvas
RedHat Update for libvirt RHSA-2016:2577-02
2016-11-04 00:00:00
redhat
redhat
(RHSA-2016:2577) Moderate: libvirt security, bug fix, and enhancement update
2016-11-03 06:07:14