{"vulnerability": "CVE-2013-2016", "sightings": [{"uuid": "adf5f9eb-beb0-48ba-890a-224eb6fd7c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-2016", "type": "seen", "source": "https://t.me/ctinow/210421", "content": "https://ift.tt/ITYHAy2\nCVE-2013-2016 | QEMU 1.3.0 Virtio privileges management (XFDB-83850 / Nessus ID 73939)", "creation_timestamp": "2024-03-18T12:11:24.000000Z"}, {"uuid": "3db7c1a0-c56d-49ec-8515-ec5352cdcf23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-2016", "type": "seen", "source": "https://t.me/cibsecurity/8922", "content": "ATENTION\u203c New - CVE-2013-2016\n\nA flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-12-31T00:56:31.000000Z"}]}