CVE-2013-4375 — Qemu vulnerability

CWE-3999 documents7 sources

Severity

2.7LOWNVD

EPSS

0.1%

top 74.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu XEN Debian Qemu +1 more

Timeline

PublishedJan 19

Latest updateMay 17

Description

The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.

CVSS vector

AV:A/AC:L/C:N/I:N/A:PExploitability: 5.1 | Impact: 2.9

Affected Packages6 packages

▶debiandebian/qemu< qemu 1.7.0+dfsg-1 (bookworm)

▶Debianqemu/qemu< 1.7.0+dfsg-1+3

▶NVDqemu/qemu1.1

▶debiandebian/xen< qemu 1.7.0+dfsg-1 (bookworm)

▶Debianxen/xen< 4.2+3

🔴Vulnerability Details

GHSA

GHSA-r2r6-6c3p-xvx5: The qdisk PV disk backend in qemu-xen in Xen 4↗2022-05-17

▶

OSV

CVE-2013-4375: The qdisk PV disk backend in qemu-xen in Xen 4↗2014-01-19

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2014-01-30

▶

Red Hat

xen: qemu disk backend (qdisk) resource leak (XSA-71)↗2013-10-10

▶

Debian

CVE-2013-4375: qemu - The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and q...↗2013

▶

💬Community

Bugzilla

CVE-2013-4375 qemu: xen: qemu disk backend (qdisk) resource leak (XSA-71) [fedora-all]↗2013-10-10

▶

Bugzilla

CVE-2013-4371 CVE-2013-4370 CVE-2013-4368 CVE-2013-4369 CVE-2013-4375 xen: various flaws [fedora-all]↗2013-10-10

▶

Bugzilla

CVE-2013-4375 xen: qemu disk backend (qdisk) resource leak (XSA-71)↗2013-09-26

▶