CVE-2013-4377

Опубликовано: 11 июл. 2013

Источник: redhat

CVSS2: 2.3

Описание

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.

Отчет

Not vulnerable. This issue did not affect the version of qemu-kvm as shipped in Red Hat Enterprise Linux 5 and 6.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	qemu-kvm	Not affected
Red Hat Enterprise Linux 6	qemu-kvm	Not affected
Red Hat Enterprise Linux 7	qemu-kvm	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1012633qemu: hot-unplugging virtio devices in guest can crash host qemu process

2.3 Low

CVSS2

Связанные уязвимости

CVE-2013-4377

ubuntu

больше 12 лет назад

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.

CVE-2013-4377

nvd

больше 12 лет назад

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.

CVE-2013-4377

debian

больше 12 лет назад

Use-after-free vulnerability in the virtio-pci implementation in Qemu ...

GHSA-rr2r-jfm5-mmxg

github

больше 3 лет назад

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.

2.3 Low

CVSS2