CVE-2013-4544

high

Description

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1087513

http://www.osvdb.org/106013

http://ubuntu.com/usn/usn-2182-1

http://thread.gmane.org/gmane.comp.emulators.qemu/265562

http://secunia.com/advisories/58191

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484

Details

Source: Mitre, NVD

Published: 2014-05-08

Updated: 2023-11-07

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:A/AC:M/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Severity: High