Description
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.
References (9)
Core 9
Core References
Patch x_refsource_confirm
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8c6c0478996e8f77374e69b6df68655b0b4ba689
Patch x_refsource_confirm
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3c99afc779c2c78718a565ad8c5e98de7c2c7484
Patch x_refsource_confirm
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f12d048a523780dbda702027d4a91b62af1a08d7
Patch x_refsource_confirm
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=9878d173f574df74bde0ff50b2f81009fbee81bb
Various Sources mailing-list
x_refsource_mlist
http://thread.gmane.org/gmane.comp.emulators.qemu/265562
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1087513
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/106013
Various Sources vendor-advisory
x_refsource_ubuntu
http://ubuntu.com/usn/usn-2182-1
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58191
Scores
EPSS
0.0011
EPSS Percentile
29.1%
Details
CWE
CWE-20
Status
published
Products (19)
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
12.10
canonical/ubuntu_linux
13.10
canonical/ubuntu_linux
14.04
qemu/qemu
1.0 (5 CPE variants)
qemu/qemu
1.0.1
qemu/qemu
1.1 (5 CPE variants)
qemu/qemu
1.4.1
qemu/qemu
1.4.2
... and 9 more
Published
May 08, 2014
Tracked Since
Feb 18, 2026