CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

Published: 2015-08-12 Last update: 2026-05-06 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2015-5165 is rated High Risk (69.9/100): CVSS Critical severity, with high exploitation likelihood (EPSS 12.94%, 94th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2015-5165

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

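| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|------|----------------|----------------|-------------------|
| 1 | 2026-05-24 | 13.16% | 12.94% | -0.22% |
| 2 | 2026-03-14 | 10.57% | 13.16% | +2.59% |
| 3 | 2026-02-18 |  | 10.57% |  |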

Full EPSS history (17 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2015-5165

CVSS metrics for this CVE.

| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|------------|---------|----------|--------|----------------|--------|--------------|
| 9.3 | 2.0 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | [email protected] |

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:M): Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:C): Complete confidentiality impact.
Integrity impact (I:C): Complete integrity impact.
Availability impact (A:C): Complete availability impact.

Weakness enumeration for CVE-2015-5165

OS Trackers for CVE-2015-5165

| vendor | priority | summary | link |
|--------|----------|---------|------|
| debian | not yet assigned | CVE-2015-5165 not yet assigned priority: Debian including 2 source packages (qemu, xen), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10. | https://security-tracker.debian.org/tracker/CVE-2015-5165 |
| redhat | medium |  | https://access.redhat.com/security/cve/CVE-2015-5165 |
| suse | medium | CVE-2015-5165 severity moderate: SUSE including 70 source package names (libcacard-1.5.3-86.el7_1.6, libcacard-devel-1.5.3-86.el7_1.6, …), 181 product×package rows across 38 product lines (SUSE CaaS Platform 4.5, SUSE Enterprise Storage 7, … (38 product lines)): Fixed 115, Known Not Affected 66. | https://www.suse.com/security/cve/CVE-2015-5165/ |
| ubuntu | medium | CVE-2015-5165 medium priority: Ubuntu including 3 source packages (qemu, qemu-kvm, xen), 15 status rows across 5 suites (precise, trusty, upstream, utopic, vivid): released 5, DNE 4, needs-triage 3, ignored 2, not-affected 1. | https://ubuntu.com/security/CVE-2015-5165 |

Affected software / configurations for CVE-2015-5165

Vendor Product Version Raw CPE
xen xen <= 4.5.0 cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*
xen xen 4.5.1 cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*
fedoraproject fedora 21 cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
fedoraproject fedora 22 cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
suse linux_enterprise_debuginfo 11 cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp1:*:*:*:*:*:*
suse linux_enterprise_server 10 cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
suse linux_enterprise_server 11 cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
debian debian_linux 7.0 cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debian debian_linux 8.0 cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
redhat openstack 5.0 cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
redhat openstack 6.0 cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
redhat virtualization 3.0 cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*
redhat enterprise_linux_compute_node_eus 7.1 cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.1:*:*:*:*:*:*:*
redhat enterprise_linux_compute_node_eus 7.2 cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.2:*:*:*:*:*:*:*
redhat enterprise_linux_compute_node_eus 7.3 cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_compute_node_eus 7.4 cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.4:*:*:*:*:*:*:*
redhat enterprise_linux_compute_node_eus 7.5 cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.5:*:*:*:*:*:*:*
redhat enterprise_linux_compute_node_eus 7.6 cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_compute_node_eus 7.7 cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_desktop 6.0 cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_eus 6.7 cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
redhat enterprise_linux_eus_compute_node 6.7 cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:6.7:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian 6.0 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian 7.0 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 6.7_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 7.1_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.1_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 7.2_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64 cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*
redhat enterprise_linux_for_scientific_computing 6.0 cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_for_scientific_computing 7.0 cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_server 6.0 cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.6 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_server_aus 7.7 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.1 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.5 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.6 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.7 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus_from_rhui 6.7 cpe:2.3:o:redhat:enterprise_linux_server_eus_from_rhui:6.7:*:*:*:*:*:*:*
redhat enterprise_linux_server_from_rhui 6.0 cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_server_from_rhui 7.0 cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_server_tus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_server_tus 7.6 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_server_tus 7.7 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_server_update_services_for_sap_solutions 7.2 cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.2:*:*:*:*:*:*:*
redhat enterprise_linux_server_update_services_for_sap_solutions 7.3 cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.3:*:*:*:*:*:*:*
redhat enterprise_linux_server_update_services_for_sap_solutions 7.4 cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.4:*:*:*:*:*:*:*
redhat enterprise_linux_server_update_services_for_sap_solutions 7.6 cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*
redhat enterprise_linux_server_update_services_for_sap_solutions 7.7 cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 6.0 cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
arista eos 4.12 cpe:2.3:o:arista:eos:4.12:*:*:*:*:*:*:*
arista eos 4.13 cpe:2.3:o:arista:eos:4.13:*:*:*:*:*:*:*
arista eos 4.14 cpe:2.3:o:arista:eos:4.14:*:*:*:*:*:*:*
arista eos 4.15 cpe:2.3:o:arista:eos:4.15:*:*:*:*:*:*:*
oracle linux 7 cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*

References for CVE-2015-5165

URL Tags
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html Issue Tracking Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html Issue Tracking Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html Issue Tracking Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html Issue Tracking Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html Issue Tracking Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1674.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1683.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1739.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1740.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1793.html Issue Tracking Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1833.html Issue Tracking Third Party Advisory
http://support.citrix.com/article/CTX201717 Broken Link Third Party Advisory
http://www.debian.org/security/2015/dsa-3348 Third Party Advisory
http://www.debian.org/security/2015/dsa-3349 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html Third Party Advisory
http://www.securityfocus.com/bid/76153 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033176 Third Party Advisory VDB Entry
http://xenbits.xen.org/xsa/advisory-140.html Patch Vendor Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13 Third Party Advisory