CVE-2013-4544

Published: May 8, 2014Modified: May 6, 2026

4.9

Vector

AV:A/AC:M/Au:S/C:P/I:P/A:P

Exploitability: 4.4 / Impact: 6.4

Source: NVD

Description

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

Affected (33)

Products: Canonical: Ubuntu Linux · Qemu: Qemu

1 product

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 10.04
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 12.10
Canonical Ubuntu Linux	Version 13.10
Canonical Ubuntu Linux	Version 14.04

Configuration B

28 vulnerable

Vulnerable Software	Affected Versions
Qemu Qemu	Up to 1.7.1
Qemu Qemu	Version 1.0.1
Qemu Qemu	Version 1.0
Qemu Qemu	Version 1.0 rc1
Qemu Qemu	Version 1.0 rc2
Qemu Qemu	Version 1.0 rc3
Qemu Qemu	Version 1.0 rc4
Qemu Qemu	Version 1.1
Qemu Qemu	Version 1.1 rc1
Qemu Qemu	Version 1.1 rc2
Qemu Qemu	Version 1.1 rc3
Qemu Qemu	Version 1.1 rc4
Qemu Qemu	Version 1.4.1
Qemu Qemu	Version 1.4.2
Qemu Qemu	Version 1.5.0
Qemu Qemu	Version 1.5.0 rc1
Qemu Qemu	Version 1.5.0 rc2
Qemu Qemu	Version 1.5.0 rc3
Qemu Qemu	Version 1.5.1
Qemu Qemu	Version 1.5.2
Qemu Qemu	Version 1.5.3
Qemu Qemu	Version 1.6.0
Qemu Qemu	Version 1.6.0 rc1
Qemu Qemu	Version 1.6.0 rc2
Qemu Qemu	Version 1.6.0 rc3
Qemu Qemu	Version 1.6.1
Qemu Qemu	Version 1.6.2
Qemu Qemu	Version 2.0.0 rc0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (18)

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484

Source: secalert@redhat.com

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689

Source: secalert@redhat.com

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb

Source: secalert@redhat.com

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7

Source: secalert@redhat.com

http://secunia.com/advisories/58191

Source: secalert@redhat.com

Vendor Advisory

http://thread.gmane.org/gmane.comp.emulators.qemu/265562

Source: secalert@redhat.com

http://ubuntu.com/usn/usn-2182-1

Source: secalert@redhat.com

http://www.osvdb.org/106013

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1087513

Source: secalert@redhat.com

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb

Source: af854a3a-2127-422b-91ae-364da2661108

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/58191

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://thread.gmane.org/gmane.comp.emulators.qemu/265562

Source: af854a3a-2127-422b-91ae-364da2661108

http://ubuntu.com/usn/usn-2182-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/106013

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=1087513

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.