Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 507692 (CVE-2013-4544)

Summary: <app-emulation/qemu-2.0.0: vmxnet3: bounds checking buffer overrun (CVE-2013-4544)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: cardoe, qemu+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2014-04-15 09:42:26 UTC
From ${URL} :

An array index bounds overrun flaw has been discovered in the vmxnet3 device
as emulated by qemu.

A privileged guest user could use this flaw to corrupt qemu process' memory on the host, which could 
potentially result in arbitrary code execution on the host with the privileges of the qemu process.

Upstream fix:

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 SpanKY gentoo-dev 2014-06-06 01:18:14 UTC
fixes are in the 2.0.0 release
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2014-06-19 07:11:15 UTC
CVE-2013-4544 (
  hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest
  users to cause a denial of service or possibly execute arbitrary code via
  vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. 
  NOTE: some of these details are obtained from third party information.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2014-08-31 11:30:56 UTC
This issue was resolved and addressed in
 GLSA 201408-17 at
by GLSA coordinator Kristian Fiskerstrand (K_F).