Improper Input Validation Affecting qemu package, versions <2.0.0+dfsg-1
Snyk CVSS
Attack Complexity
Low
User Interaction
Required
Threat Intelligence
EPSS
0.1% (42nd
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN11-QEMU-523546
- published 8 May 2014
- disclosed 8 May 2014
How to fix?
Upgrade Debian:11
qemu
to version 2.0.0+dfsg-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream qemu
package and not the qemu
package as distributed by Debian
.
See How to fix?
for Debian:11
relevant fixed versions and status.
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
References
- https://security-tracker.debian.org/tracker/CVE-2013-4544
- http://git.qemu.org/?p=qemu.git;a=commit;h=3c99afc779c2c78718a565ad8c5e98de7c2c7484
- http://git.qemu.org/?p=qemu.git;a=commit;h=8c6c0478996e8f77374e69b6df68655b0b4ba689
- http://git.qemu.org/?p=qemu.git;a=commit;h=9878d173f574df74bde0ff50b2f81009fbee81bb
- http://git.qemu.org/?p=qemu.git;a=commit;h=f12d048a523780dbda702027d4a91b62af1a08d7
- http://thread.gmane.org/gmane.comp.emulators.qemu/265562
- http://ubuntu.com/usn/usn-2182-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1087513
- http://secunia.com/advisories/58191
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4544
- http://www.osvdb.org/106013
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7