VDB
GCVE-110-MAGEIA-2015-369
GCVE-110-MAGEIA-2015-369
Advisory Published
Updated qemu packages fix security vulnerabilities:
Qemu emulator built with the RTL8139 emulation support is vulnerable to an
information leakage flaw. It could occur while processing network packets
under RTL8139 controller's C+ mode of operation. A guest user could use this
flaw to read uninitialised Qemu heap memory up to 65K bytes (CVE-2015-5165).
Qinghao Tang and Mr. Zuozhi discovered that QEMU incorrectly handled memory in
the VNC display driver. A malicious guest could use this issue to cause a
denial of service, or possibly execute arbitrary code on the host as the user
running the QEMU process (CVE-2015-5225). - Mageia 5 only
Qemu emulator built with the e1000 NIC emulation support is vulnerable to an
infinite loop issue. It could occur while processing transmit descriptor data
when sending a network packet. A privileged user inside guest could use this
flaw to crash the Qemu instance resulting in DoS (CVE-2015-6815).
Qemu emulator built with the IDE disk and CD/DVD-ROM emulation support is
vulnerable to a divide by zero issue. It could occur while executing an IDE
command WIN_READ_NATIVE_MAX to determine the maximum size of a drive. A
privileged user inside guest could use this flaw to crash the Qemu instance
resulting in DoS (CVE-2015-6855).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | qemu | 0 (affected), 2.1.3-2.6.mga5 (unaffected) | — |
References
Browse GCVE Records
73,738 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.