CVE-2013-4544

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-4544
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

4.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:M/Au:S/C:P/I:P/A:P

Exploitability : 4.4 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7
http://secunia.com/advisories/58191 Vendor Advisory
http://thread.gmane.org/gmane.comp.emulators.qemu/265562
http://ubuntu.com/usn/usn-2182-1
http://www.osvdb.org/106013
https://bugzilla.redhat.com/show_bug.cgi?id=1087513
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.0:rc4:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.1:rc2:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.1:rc3:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.1:rc4:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.5.0:rc3:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.6.0:rc2:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.6.0:rc3:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.0.0:rc0:*:*:*:*:*:*
History

07 Nov 2023, 02:16

Type Values Removed Values Added
Summary hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information. hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

13 Feb 2023, 04:47

Type Values Removed Values Added
References
  • {'url': 'http://git.qemu.org/?p=qemu.git;a=commit;h=f12d048a523780dbda702027d4a91b62af1a08d7', 'name': 'http://git.qemu.org/?p=qemu.git;a=commit;h=f12d048a523780dbda702027d4a91b62af1a08d7', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • {'url': 'http://git.qemu.org/?p=qemu.git;a=commit;h=3c99afc779c2c78718a565ad8c5e98de7c2c7484', 'name': 'http://git.qemu.org/?p=qemu.git;a=commit;h=3c99afc779c2c78718a565ad8c5e98de7c2c7484', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • {'url': 'http://git.qemu.org/?p=qemu.git;a=commit;h=9878d173f574df74bde0ff50b2f81009fbee81bb', 'name': 'http://git.qemu.org/?p=qemu.git;a=commit;h=9878d173f574df74bde0ff50b2f81009fbee81bb', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • {'url': 'http://git.qemu.org/?p=qemu.git;a=commit;h=8c6c0478996e8f77374e69b6df68655b0b4ba689', 'name': 'http://git.qemu.org/?p=qemu.git;a=commit;h=8c6c0478996e8f77374e69b6df68655b0b4ba689', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • (MISC) http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484 -
  • (MISC) http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7 -
  • (MISC) http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689 -
  • (MISC) http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb -
Summary hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information. hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
Information

Published : 2014-05-08 14:29

Updated : 2023-12-10 11:31

NVD link : CVE-2013-4544

Mitre link : CVE-2013-4544

CVE.ORG link : CVE-2013-4544

JSON object : View

Products Affected

canonical

  • ubuntu_linux

qemu

  • qemu
CWE
CWE-20

Improper Input Validation