CVE-2013-4544
Mandriva Linux Security Advisory 2014-220
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
hw/net/vmxnet3.c en QEMU 2.0.0-rc0, 1.7.1, y anteriores permite a usuarios locales invitados causar una denegación de servicio o posiblemente ejecutar código arbitrario a través de vectores relacionados con números de cola (1) RX o (2) TX o (3) indices interrupt. NOTA: algunos de estos detalles se obtienen de información de terceras partes.
Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service. Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. Various other issues have also been addressed.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-06-12 CVE Reserved
- 2014-04-28 CVE Published
- 2024-08-06 CVE Updated
- 2025-05-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484 | X_refsource_confirm | |
| http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689 | X_refsource_confirm | |
| http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb | X_refsource_confirm | |
| http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7 | X_refsource_confirm | |
| http://thread.gmane.org/gmane.comp.emulators.qemu/265562 | Mailing List | |
| http://www.osvdb.org/106013 | Vdb Entry | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1087513 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/58191 | 2023-11-07 | |
| http://ubuntu.com/usn/usn-2182-1 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 10.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 13.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "13.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | <= 1.7.1 Search vendor "Qemu" for product "Qemu" and version " <= 1.7.1" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.0 Search vendor "Qemu" for product "Qemu" and version "1.0" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.0 Search vendor "Qemu" for product "Qemu" and version "1.0" | rc1 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.0 Search vendor "Qemu" for product "Qemu" and version "1.0" | rc2 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.0 Search vendor "Qemu" for product "Qemu" and version "1.0" | rc3 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.0 Search vendor "Qemu" for product "Qemu" and version "1.0" | rc4 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.0.1 Search vendor "Qemu" for product "Qemu" and version "1.0.1" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.1 Search vendor "Qemu" for product "Qemu" and version "1.1" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.1 Search vendor "Qemu" for product "Qemu" and version "1.1" | rc1 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.1 Search vendor "Qemu" for product "Qemu" and version "1.1" | rc2 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.1 Search vendor "Qemu" for product "Qemu" and version "1.1" | rc3 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.1 Search vendor "Qemu" for product "Qemu" and version "1.1" | rc4 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.4.1 Search vendor "Qemu" for product "Qemu" and version "1.4.1" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.4.2 Search vendor "Qemu" for product "Qemu" and version "1.4.2" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.5.0 Search vendor "Qemu" for product "Qemu" and version "1.5.0" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.5.0 Search vendor "Qemu" for product "Qemu" and version "1.5.0" | rc1 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.5.0 Search vendor "Qemu" for product "Qemu" and version "1.5.0" | rc2 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.5.0 Search vendor "Qemu" for product "Qemu" and version "1.5.0" | rc3 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.5.1 Search vendor "Qemu" for product "Qemu" and version "1.5.1" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.5.2 Search vendor "Qemu" for product "Qemu" and version "1.5.2" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.5.3 Search vendor "Qemu" for product "Qemu" and version "1.5.3" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.6.0 Search vendor "Qemu" for product "Qemu" and version "1.6.0" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.6.0 Search vendor "Qemu" for product "Qemu" and version "1.6.0" | rc1 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.6.0 Search vendor "Qemu" for product "Qemu" and version "1.6.0" | rc2 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.6.0 Search vendor "Qemu" for product "Qemu" and version "1.6.0" | rc3 |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.6.1 Search vendor "Qemu" for product "Qemu" and version "1.6.1" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 1.6.2 Search vendor "Qemu" for product "Qemu" and version "1.6.2" | - |
Affected
| ||||||
| Qemu Search vendor "Qemu" | Qemu Search vendor "Qemu" for product "Qemu" | 2.0.0 Search vendor "Qemu" for product "Qemu" and version "2.0.0" | rc0 |
Affected
| ||||||