[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2015-0369":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":22,"duplicates":23,"related":24,"reserved_at":9,"published_at":29,"modified_at":30,"state":9,"summary":31,"references_raw":33,"kevs":62,"epss":9,"epss_history":63,"metrics":64,"affected":65},"MGASA-2015-0369","Updated qemu packages fix security vulnerabilities\n\nUpdated qemu packages fix security vulnerabilities:\n\nQemu emulator built with the RTL8139 emulation support is vulnerable to an\ninformation leakage flaw. It could occur while processing network packets\nunder RTL8139 controller's C+ mode of operation. A guest user could use this\nflaw to read uninitialised Qemu heap memory up to 65K bytes (CVE-2015-5165).\n\nQinghao Tang and Mr. Zuozhi discovered that QEMU incorrectly handled memory in\nthe VNC display driver. A malicious guest could use this issue to cause a\ndenial of service, or possibly execute arbitrary code on the host as the user\nrunning the QEMU process (CVE-2015-5225). - Mageia 5 only\n\nQemu emulator built with the e1000 NIC emulation support is vulnerable to an\ninfinite loop issue. It could occur while processing transmit descriptor data\nwhen sending a network packet. A privileged user inside guest could use this\nflaw to crash the Qemu instance resulting in DoS (CVE-2015-6815).\n\nQemu emulator built with the IDE disk and CD/DVD-ROM emulation support is\nvulnerable to a divide by zero issue. It could occur while executing an IDE\ncommand WIN_READ_NATIVE_MAX to determine the maximum size of a drive. A\nprivileged user inside guest could use this flaw to crash the Qemu instance\nresulting in DoS (CVE-2015-6855).\n",null,[],[],[],[14,16,18,20],{"_key":15},"CVE-2015-5165",{"_key":17},"CVE-2015-5225",{"_key":19},"CVE-2015-6815",{"_key":21},"CVE-2015-6855",[],[],[25,26,27,28],{"_key":15},{"_key":17},{"_key":19},{"_key":21},"2015-09-15T14:55:06Z","2026-04-16T06:26:23.495617425Z",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[34,40,45,50,54,58],{"url":35,"sources":36,"tags":38},"https://advisories.mageia.org/MGASA-2015-0369.html",[37],"osv_mageia",[39],"Advisory",{"url":41,"sources":42,"tags":43},"https://bugs.mageia.org/show_bug.cgi?id=16604",[37],[44],"REPORT",{"url":46,"sources":47,"tags":48},"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/165305.html",[37],[44,49],"WEB",{"url":51,"sources":52,"tags":53},"http://www.ubuntu.com/usn/usn-2724-1/",[37],[44,49],{"url":55,"sources":56,"tags":57},"http://openwall.com/lists/oss-security/2015/09/05/5",[37],[44,49],{"url":59,"sources":60,"tags":61},"http://openwall.com/lists/oss-security/2015/09/10/2",[37],[44,49],[],[],[],[66],{"ecosystem":67,"name":68,"vendor":69,"product":68,"cpe_part":9,"purl_type":70,"purl_namespace":69,"purl_name":68,"source":9,"versions":71},"Mageia","qemu","mageia","rpm",[72],{"version":73,"is_range":74,"range_type":75,"version_start":9,"version_start_type":9,"version_end":76,"version_end_type":77,"fixed_in":9},"lt2_1_3_2_6_mga5",true,"ecosystem","2.1.3-2.6.mga5","excluding"]