CVE-2013-4377

Published: Oct 11, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[Qemu-devel] 20130920 [PATCH 11/11] virtio-pci: add device_unplugged callback

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=1012633

x_refsource_CONFIRM

55015

third-party-advisory

x_refsource_SECUNIA

USN-2092-1

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20130926 Re: CVE request: qemu host crash from within guest

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4377

Description

Affected Products

References