Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0241

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2013-0241
Last Modified 06 Feb 2014 11:44:38
Published 12 Feb 2013 08:55:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-0241

Summary

The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 11.10

  • Canonical Ubuntu Linux 12.04

  • Qxl Graphics Driver Project Xf86-video-qxl 0.1.0

  • Redhat Enterprise Linux Desktop 6.0

  • Redhat Enterprise Linux Server 6.0

  • Redhat Enterprise Linux Workstation 6.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=906032

XF - qxl-virtual-spice-dos(81704)

UBUNTU - USN-1714-1

MLIST - [oss-security] 20130130 Re: CVE request -- qxl: synchronous io guest DoS

MLIST - [oss-security] 20130130 CVE request -- qxl: synchronous io guest DoS

SECUNIA - 52021

REDHAT - RHSA-2013:0218

CONFIRM - https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0036

MANDRIVA - MDVSA-2013:138


Last Updated: 27 May 2016 11:01:50