CVE-2015-5165: Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)

Severity: Critical

CVSS Score: 9.3

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.