Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 507692 (CVE-2013-4544) - <app-emulation/qemu-2.0.0: vmxnet3: bounds checking buffer overrun (CVE-2013-4544)
Summary: <app-emulation/qemu-2.0.0: vmxnet3: bounds checking buffer overrun (CVE-2013-...
Alias: CVE-2013-4544
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Depends on:
Reported: 2014-04-15 09:42 UTC by Agostino Sarubbo
Modified: 2014-08-31 11:30 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2014-04-15 09:42:26 UTC
From ${URL} :

An array index bounds overrun flaw has been discovered in the vmxnet3 device
as emulated by qemu.

A privileged guest user could use this flaw to corrupt qemu process' memory on the host, which could 
potentially result in arbitrary code execution on the host with the privileges of the qemu process.

Upstream fix:

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 SpanKY gentoo-dev 2014-06-06 01:18:14 UTC
fixes are in the 2.0.0 release
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2014-06-19 07:11:15 UTC
CVE-2013-4544 (
  hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest
  users to cause a denial of service or possibly execute arbitrary code via
  vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. 
  NOTE: some of these details are obtained from third party information.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2014-08-31 11:30:56 UTC
This issue was resolved and addressed in
 GLSA 201408-17 at
by GLSA coordinator Kristian Fiskerstrand (K_F).