Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-5166
HistoryAug 12, 2015 - 12:00 a.m.

CVE-2015-5166

2015-08-1200:00:00
ubuntu.com
ubuntu.com
13

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.6%

JSON

Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not
completely unplug emulated block devices, which allows local HVM guest
users to gain privileges by unplugging a block device twice.

Bugs

Notes

Author Note
mdeslaur precise and trusty don’t look affected
OSVersionArchitecturePackageVersionFilename
ubuntu15.04noarchqemu< 1:2.2+dfsg-5expubuntu9.4UNKNOWN

Related

xen 1
nessus 14
prion 1
cve 1
debiancve 1
f5 1
freebsd 1
fedora 5
openvas 10
securityvulns 2
ubuntu 1
arista 1
suse 4
mageia 1
xen
xen
Use after free in QEMU/Xen block unplug protocol
2015-08-03 12:00:00
nessus
nessus
FreeBSD : qemu, xen-tools -- use-after-free in QEMU/Xen block unplug protocol (ee99899d-4347-11e5-93ad-002590263bf5)
2015-08-18 00:00:00
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:1384-1)
2015-08-18 00:00:00
Fedora 23 : xen-4.5.1-6.fc23 (2015-14361)
2015-09-02 00:00:00
prion
prion
Design/Logic Flaw
2015-08-12 14:59:00
cve
cve
CVE-2015-5166
2015-08-12 14:59:00
debiancve
debiancve
CVE-2015-5166
2015-08-12 14:59:00
f5
f5
K75269595 : QEMU vulnerability CVE-2015-5166
2019-02-05 00:00:00
freebsd
freebsd
qemu, xen-tools -- use-after-free in QEMU/Xen block unplug protocol
2015-08-03 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: xen-4.4.3-3.fc21
2015-09-26 21:53:13
[SECURITY] Fedora 22 Update: xen-4.5.1-8.fc22
2015-09-27 03:27:49
[SECURITY] Fedora 23 Update: xen-4.5.1-6.fc23
2015-09-01 18:39:24
openvas
openvas
Fedora Update for xen FEDORA-2015-15944
2015-09-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1404-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1384-1)
2021-04-19 00:00:00
securityvulns
securityvulns
[USN-2724-1] QEMU vulnerabilities
2015-08-31 00:00:00
libvirt / qemu multiple security vulnerabilities
2015-08-31 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2015-08-27 00:00:00
arista
arista
Security Advisory 0013
2015-09-04 00:00:00
suse
suse
Security update for xen (important)
2015-09-02 19:09:33
Security update for xen (important)
2015-09-02 18:09:46
Security update for xen (important)
2015-11-12 12:10:04
mageia
mageia
Updated xen packages fix security vulnerabilities
2016-03-07 14:20:30

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.6%

JSON
Related for UB:CVE-2015-5166
xen1nessus14prion1cve1debiancve1f51freebsd1fedora5openvas10securityvulns2ubuntu1arista1suse4mageia1