{"id":"CVE-2015-5166","details":"Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.","modified":"2026-02-04T15:51:01.339658Z","published":"2015-08-12T14:59:25Z","related":["MGASA-2016-0098","SUSE-SU-2015:1384-1","SUSE-SU-2015:1404-1","SUSE-SU-2015:1479-1","SUSE-SU-2015:1479-2"],"references":[{"type":"ADVISORY","url":"http://xenbits.xen.org/xsa/advisory-139.html"},{"type":"FIX","url":"http://xenbits.xen.org/xsa/advisory-139.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/76152"},{"type":"WEB","url":"http://www.securitytracker.com/id/1033175"}],"schema_version":"1.7.3"}