cve-2013-4544
Vulnerability from cvelistv5
Published
2014-05-08 14:00
Modified
2024-08-06 16:45
Severity ?
EPSS score ?
Summary
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T16:45:14.848Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[qemu] 20140404 [PATCH V2 0/4] CVE-2013-4544", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://thread.gmane.org/gmane.comp.emulators.qemu/265562" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087513" }, { "name": "106013", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/106013" }, { "name": "USN-2182-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://ubuntu.com/usn/usn-2182-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb" }, { "name": "58191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/58191" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-04-04T00:00:00", "descriptions": [ { "lang": "en", "value": "hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-05-08T12:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "[qemu] 20140404 [PATCH V2 0/4] CVE-2013-4544", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://thread.gmane.org/gmane.comp.emulators.qemu/265562" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087513" }, { "name": "106013", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/106013" }, { "name": "USN-2182-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://ubuntu.com/usn/usn-2182-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb" }, { "name": "58191", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/58191" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4544", "datePublished": "2014-05-08T14:00:00", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2024-08-06T16:45:14.848Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2013-4544\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-05-08T14:29:11.580\",\"lastModified\":\"2023-11-07T02:16:20.753\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"hw/net/vmxnet3.c en QEMU 2.0.0-rc0, 1.7.1, y anteriores permite a usuarios locales invitados causar una denegaci\u00f3n de servicio o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con n\u00fameros de cola (1) RX o (2) TX o (3) indices interrupt. NOTA: algunos de estos detalles se obtienen de informaci\u00f3n de terceras partes.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:S/C:P/I:P/A:P\",\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":4.9},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*\",\"matchCriteriaId\":\"7118F616-25CA-4E34-AA13-4D14BB62419F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*\",\"matchCriteriaId\":\"F5D324C4-97C7-49D3-A809-9EAD4B690C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F61F047-129C-41A6-8A27-FFCBB8563E91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.7.1\",\"matchCriteriaId\":\"535B1295-C195-4EFD-8509-C6DE3FAF3F3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E66599D-9EC4-409C-BD26-62EC3B001984\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CF80F8D-5402-4AA6-ABB1-EEBD8EA0BBDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"92FE0592-3611-4F93-A0B2-73ADFBF87FB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"795EDF48-6FE0-4DE7-A57F-632BF0043677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"17B83487-28EC-4EF0-9703-BD86384C1276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15A780B6-2BF3-480C-A519-16D1BFF2FC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8771F32-FFD2-43BD-B660-2CA8F6C41C5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E89E31-F32D-4035-8923-7A5728E75DDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.1:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"436BABC6-3D1C-4945-AADF-ED4D7C686E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.1:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3307CBF-525D-4F66-A7A6-B0B273C0BD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.1:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0A03725-CE1B-451F-8E14-9168E417692C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59B3B915-1606-48E4-9EFC-BD9D6A6D404A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA86C99D-E544-471F-8F8E-94525E600132\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"998961D0-6B1E-4237-AFC3-2E1E4D90BDE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.5.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"35B1E3F1-4647-47FF-9546-0742F10B607B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.5.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0147F4B2-0591-4681-AE24-975AB6A349D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.5.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"97757FF0-D0D6-4BFE-811A-6398D8520D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46F126B1-284B-4B3A-8540-1498628C46F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8D5F0C-85F5-46D1-B77C-4A7CCE2D69B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"508383F4-B6EE-4C64-AE63-209EA87DF557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB7A7593-FAC0-4336-84AF-EC367059D5C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.6.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E8BE223-9122-416D-AA1D-694B19C80A4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.6.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"331C6EE9-9DA2-4FE1-8446-C9CC21353332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.6.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"383C575E-724D-4F97-9E0C-CDE50499C3D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEC5BC38-FFBD-4484-943D-47A0AADD20B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59FC829F-2AC7-4CB5-8F03-967906DE9028\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qemu:qemu:2.0.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"D583599F-AE5E-40E4-8489-62FD1D0A7845\"}]}]}],\"references\":[{\"url\":\"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/58191\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://thread.gmane.org/gmane.comp.emulators.qemu/265562\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://ubuntu.com/usn/usn-2182-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/106013\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1087513\",\"source\":\"secalert@redhat.com\"}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.