CVE-2013-4149
QEMU 1.3.0-1.7.1 - Buffer Overflow in virtio-net MAC Table Handling
Title source: llmDescription
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
References (4)
Core 4
Core References
Patch mailing-list
x_refsource_mlist
http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
Patch, Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0927.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
Patch x_refsource_confirm
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=98f93ddd84800f207889491e0b5d851386b459cf
Scores
EPSS
0.0408
EPSS Percentile
88.7%
Details
CWE
CWE-119
Status
published
Products (12)
qemu/qemu
1.3.0 (4 CPE variants)
qemu/qemu
1.3.1
qemu/qemu
1.4.1
qemu/qemu
1.4.2
qemu/qemu
1.5.0 (4 CPE variants)
qemu/qemu
1.5.1
qemu/qemu
1.5.2
qemu/qemu
1.5.3
qemu/qemu
1.6.0 (4 CPE variants)
qemu/qemu
1.6.1
... and 2 more
Published
Nov 04, 2014
Tracked Since
Feb 18, 2026