DEBIAN-CVE-2015-5160

DEBIAN-CVE-2015-5160 PUBLISHED CVSS 5.5 MEDIUM

libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.

Risk Scores

CVSS v3.0

5.5

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:11	libvirt	0, 0, 0
Debian:13	libvirt	0, 0, 0
Debian:14	libvirt	0, 0, 0
Debian:12	libvirt	0, 0, 0

Timeline

Aug 20, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2015-5160 advisory

Open in Interactive Console →