Vulnerability Description
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Ubuntu Linux | 10.04 |
| Qemu | Qemu | <= 1.7.1 |
Related Weaknesses (CWE)
References
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009f
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62a
- http://secunia.com/advisories/58191Vendor Advisory
- http://thread.gmane.org/gmane.comp.emulators.qemu/265562
- http://ubuntu.com/usn/usn-2182-1
- http://www.osvdb.org/106013
- https://bugzilla.redhat.com/show_bug.cgi?id=1087513
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009f
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62a
- http://secunia.com/advisories/58191Vendor Advisory
- http://thread.gmane.org/gmane.comp.emulators.qemu/265562
FAQ
What is CVE-2013-4544?
CVE-2013-4544 is a vulnerability with a CVSS score of 4.9 (MEDIUM). hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or...
How severe is CVE-2013-4544?
CVE-2013-4544 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4544?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Qemu Qemu.