{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T04:20:14.832","vulnerabilities":[{"cve":{"id":"CVE-2015-5166","sourceIdentifier":"secalert@redhat.com","published":"2015-08-12T14:59:25.247","lastModified":"2026-05-06T22:30:45.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice."},{"lang":"es","value":"Vulnerabilidad de uso despuĆ©s de liberaciĆ³n en la memoria en QEMU en Xen 4.5.x y versiones anteriores, no desconecta completamente los dispositivos de bloque emulados, lo que permite a usuarios invitados HVM locales obtener privilegios desconectando un dispositivo de bloque dos veces."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-264"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","matchCriteriaId":"56BDB5A0-0839-4A20-A003-B8CD56F48171"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","matchCriteriaId":"253C303A-E577-4488-93E6-68A8DD942C38"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*","versionEndIncluding":"4.5.0","matchCriteriaId":"FE6592AF-775F-4B8A-8E33-57A1239852E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*","matchCriteriaId":"F0ED340C-6746-471E-9F2D-19D62D224B7A"}]}]}],"references":[{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html","source":"secalert@redhat.com"},{"url":"http://www.securityfocus.com/bid/76152","source":"secalert@redhat.com"},{"url":"http://www.securitytracker.com/id/1033175","source":"secalert@redhat.com"},{"url":"http://xenbits.xen.org/xsa/advisory-139.html","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/76152","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id/1033175","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://xenbits.xen.org/xsa/advisory-139.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}