CVE Vulnerabilities

CVE-2013-4377

Published: Oct 11, 2013 | Modified: Mar 06, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.3 LOW
AV:A/AC:M/Au:S/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by hot-unplugging a virtio device.

Affected Software

Name Vendor Start Version End Version
Qemu Qemu 1.6.0 1.6.0
Qemu Qemu 1.5.0 1.5.0
Qemu Qemu 1.5.3 1.5.3
Qemu Qemu 1.5.0 1.5.0
Qemu Qemu 1.6.0 1.6.0
Qemu Qemu 1.5.1 1.5.1
Qemu Qemu 1.5.0 1.5.0
Qemu Qemu 1.5.2 1.5.2
Qemu Qemu 1.5.0 1.5.0
Qemu Qemu 1.4.1 1.4.1
Qemu Qemu 1.6.0 1.6.0
Qemu Qemu 1.4.2 1.4.2
Qemu Qemu 1.6.0 1.6.0
Qemu Qemu 1.4.0 1.4.0

References