SUSE-SU-2015:1384-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2015-5165 CVE-2015-5166

Published: 11 Aug 2015, 08:27

Last modified:04 Feb 2026, 04:32

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 Aug 2015, 08:27

Published

Vulnerability first disclosed

04 Feb 2026, 04:32

Last Modified

Vulnerability information updated

Description

security update for xen This security update of Xen fixes the following issues: * bsc#939712 (XSA-140): QEMU leak of uninitialized heap memory in rtl8139 device model (CVE-2015-5165) * bsc#939709 (XSA-139): Use after free in QEMU/Xen block unplug protocol (CVE-2015-5166)

Affected Systems

suse•xen&distro=SUSE Linux Enterprise Desktop 12
< 4.4.2_10-22.8.1
suse•xen&distro=SUSE Linux Enterprise Server 12
< 4.4.2_10-22.8.1
suse•xen&distro=SUSE Linux Enterprise Server for SAP Applications 12
< 4.4.2_10-22.8.1
suse•xen&distro=SUSE Linux Enterprise Software Development Kit 12
< 4.4.2_10-22.8.1

SUSE-SU-2015:1384-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)