← Back

Open Desktop Server

open_desktop_server

Vendor: Novell • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2013-2016
3Debian
NovellQemu
4Debian Linux
Open Desktop ServerOpen Enterprise Server+1 more
Nov 21, 2024
Dec 30, 2019
N/A· v4
7.8 HIGH· v3
6.9 MEDIUM· v2
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a pr...Show more
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.Show less