CVE-2013-4544

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:M/Au:S/C:P/I:P/A:P

Exploitability : 4.4 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7
http://secunia.com/advisories/58191	Vendor Advisory
http://thread.gmane.org/gmane.comp.emulators.qemu/265562
http://ubuntu.com/usn/usn-2182-1
http://www.osvdb.org/106013
https://bugzilla.redhat.com/show_bug.cgi?id=1087513
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7
http://secunia.com/advisories/58191	Vendor Advisory
http://thread.gmane.org/gmane.comp.emulators.qemu/265562
http://ubuntu.com/usn/usn-2182-1
http://www.osvdb.org/106013
https://bugzilla.redhat.com/show_bug.cgi?id=1087513

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

Configuration 2 (hide)

OR	cpe:2.3:a:qemu:qemu::::::::
	cpe:2.3:a:qemu:qemu:1.0:::::::*
	cpe:2.3:a:qemu:qemu:1.0:rc1::::::
	cpe:2.3:a:qemu:qemu:1.0:rc2::::::
	cpe:2.3:a:qemu:qemu:1.0:rc3::::::
	cpe:2.3:a:qemu:qemu:1.0:rc4::::::
	cpe:2.3:a:qemu:qemu:1.0.1:::::::*
	cpe:2.3:a:qemu:qemu:1.1:::::::*
	cpe:2.3:a:qemu:qemu:1.1:rc1::::::
	cpe:2.3:a:qemu:qemu:1.1:rc2::::::
	cpe:2.3:a:qemu:qemu:1.1:rc3::::::
	cpe:2.3:a:qemu:qemu:1.1:rc4::::::
	cpe:2.3:a:qemu:qemu:1.4.1:::::::*
	cpe:2.3:a:qemu:qemu:1.4.2:::::::*
	cpe:2.3:a:qemu:qemu:1.5.0:::::::*
	cpe:2.3:a:qemu:qemu:1.5.0:rc1::::::
	cpe:2.3:a:qemu:qemu:1.5.0:rc2::::::
	cpe:2.3:a:qemu:qemu:1.5.0:rc3::::::
	cpe:2.3:a:qemu:qemu:1.5.1:::::::*
	cpe:2.3:a:qemu:qemu:1.5.2:::::::*
	cpe:2.3:a:qemu:qemu:1.5.3:::::::*
	cpe:2.3:a:qemu:qemu:1.6.0:::::::*
	cpe:2.3:a:qemu:qemu:1.6.0:rc1::::::
	cpe:2.3:a:qemu:qemu:1.6.0:rc2::::::
	cpe:2.3:a:qemu:qemu:1.6.0:rc3::::::
	cpe:2.3:a:qemu:qemu:1.6.1:::::::*
	cpe:2.3:a:qemu:qemu:1.6.2:::::::*
	cpe:2.3:a:qemu:qemu:2.0.0:rc0::::::

History

21 Nov 2024, 01:55

Type	Values Removed	Values Added
References	~~() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484 -~~	() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484 -
References	~~() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689 -~~	() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689 -
References	~~() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb -~~	() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb -
References	~~() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7 -~~	() http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7 -
References	~~() http://secunia.com/advisories/58191 - Vendor Advisory~~	() http://secunia.com/advisories/58191 - Vendor Advisory
References	~~() http://thread.gmane.org/gmane.comp.emulators.qemu/265562 -~~	() http://thread.gmane.org/gmane.comp.emulators.qemu/265562 -
References	~~() http://ubuntu.com/usn/usn-2182-1 -~~	() http://ubuntu.com/usn/usn-2182-1 -
References	~~() http://www.osvdb.org/106013 -~~	() http://www.osvdb.org/106013 -
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=1087513 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=1087513 -

07 Nov 2023, 02:16

Type	Values Removed	Values Added
Summary	hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.	hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

Information

Published : 2014-05-08 14:29

Updated : 2025-04-12 10:46

NVD link : CVE-2013-4544

Mitre link : CVE-2013-4544

CVE.ORG link : CVE-2013-4544

JSON object : View

Products Affected

canonical

ubuntu_linux

qemu

qemu

CWE

CWE-20

Improper Input Validation

4.9 /10