SUSE-SU-2015:1404-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2015-5165 CVE-2015-5166

Published: 11 Aug 2015, 08:37

Last modified:04 Feb 2026, 03:18

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 Aug 2015, 08:37

Published

Vulnerability first disclosed

04 Feb 2026, 03:18

Last Modified

Vulnerability information updated

Description

security update for xen This security update of Xen fixes the following issues: * bsc#939712 (XSA-140): QEMU leak of uninitialized heap memory in rtl8139 device model (CVE-2015-5165) * bsc#939709 (XSA-139): Use after free in QEMU/Xen block unplug protocol (CVE-2015-5166)

Affected Systems

suse•xen&distro=SUSE Linux Enterprise Desktop 11 SP4
< 4.4.2_12-23.1
suse•xen&distro=SUSE Linux Enterprise Server 11 SP4
< 4.4.2_12-23.1
suse•xen&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
< 4.4.2_12-23.1
suse•xen&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
< 4.4.2_12-23.1

SUSE-SU-2015:1404-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)