SUSE-SU-2015:1479-2
Advisory lineage Upstream: 6 Downstream: 0
Published: 11 Aug 2015, 14:48
Last modified:04 Feb 2026, 02:37
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
11 Aug 2015, 14:48
Published
Vulnerability first disclosed
04 Feb 2026, 02:37
Last Modified
Vulnerability information updated
Description
Security update for xen xen was updated to fix the following security issues: * CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model (bsc#939712, XSA-140) * CVE-2015-5166: Use after free in QEMU/Xen block unplug protocol (bsc#939709, XSA-139) * CVE-2015-2751: Certain domctl operations could have be used to lock up the host (bsc#922709, XSA-127) * CVE-2015-3259: xl command line config handling stack overflow (bsc#935634, XSA-137) * CVE-2015-4164: DoS through iret hypercall handler (bsc#932996, XSA-136) * CVE-2015-5154: Host code execution via IDE subsystem CD-ROM (bsc#938344)
Affected Systems
- suse•xen&distro=SUSE Linux Enterprise Desktop 11 SP3
< 4.2.5_12-15.1
References (13)
- https://www.suse.com/support/update/announcement/2015/suse-su-20151479-2/
- https://bugzilla.suse.com/922709
- https://bugzilla.suse.com/932996
- https://bugzilla.suse.com/935634
- https://bugzilla.suse.com/938344
- https://bugzilla.suse.com/939709
- https://bugzilla.suse.com/939712
- https://www.suse.com/security/cve/CVE-2015-2751
- https://www.suse.com/security/cve/CVE-2015-3259
- https://www.suse.com/security/cve/CVE-2015-4164
- https://www.suse.com/security/cve/CVE-2015-5154
- https://www.suse.com/security/cve/CVE-2015-5165
- https://www.suse.com/security/cve/CVE-2015-5166