{"uuid": "3db7c1a0-c56d-49ec-8515-ec5352cdcf23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-2016", "type": "seen", "source": "https://t.me/cibsecurity/8922", "content": "ATENTION\u203c New - CVE-2013-2016\n\nA flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-12-31T00:56:31.000000Z"}