CVE-2013-4544

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

References

http://git.qemu.org/?p=qemu.git;a=commit;h=3c99afc779c2c78718a565ad8c5e98de7c2c7484

http://git.qemu.org/?p=qemu.git;a=commit;h=8c6c0478996e8f77374e69b6df68655b0b4ba689

http://git.qemu.org/?p=qemu.git;a=commit;h=9878d173f574df74bde0ff50b2f81009fbee81bb

http://git.qemu.org/?p=qemu.git;a=commit;h=f12d048a523780dbda702027d4a91b62af1a08d7

http://secunia.com/advisories/58191

http://thread.gmane.org/gmane.comp.emulators.qemu/265562

http://ubuntu.com/usn/usn-2182-1

http://www.osvdb.org/106013

https://bugzilla.redhat.com/show_bug.cgi?id=1087513

Details

Source: MITRE

Published: 2014-05-08

Updated: 2014-05-09

Type: CWE-20

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:A/AC:M/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 4.4

Severity: MEDIUM

Tenable Plugins

View all (6 total)

IDNameProductFamilySeverity
135559EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430)NessusHuawei Local Security Checks
critical
131585EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2019-2431)NessusHuawei Local Security Checks
critical
130689EulerOS 2.0 SP5 : qemu-kvm (EulerOS-SA-2019-2227)NessusHuawei Local Security Checks
critical
77461GLSA-201408-17 : QEMU: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
73818Fedora 20 : qemu-1.6.2-4.fc20 (2014-5825)NessusFedora Local Security Checks
high
73752Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 / 14.04 LTS : qemu, qemu-kvm vulnerabilities (USN-2182-1)NessusUbuntu Local Security Checks
high