| ID |
CVE-2013-0241
|
| Summary |
The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:qxl_graphics_driver_project:xf86-video-qxl:0.1.0:*:*:*:*:*:*:*
cpe:2.3:o:qxl_graphics_driver_project:xf86-video-qxl:0.1.0:*:*:*:*:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
-
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 2.1 (as of 13-02-2023 - 04:40) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-399 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
| redhat
via4
|
| advisories | | bugzilla | | id | 906032 | | title | CVE-2013-0241 qxl: synchronous io guest DoS |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 6 is installed | | oval | oval:com.redhat.rhba:tst:20111656003 |
| comment | xorg-x11-drv-qxl is earlier than 0:0.0.14-14.el6_3 | | oval | oval:com.redhat.rhsa:tst:20130218001 |
| comment | xorg-x11-drv-qxl is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhba:tst:20141376200 |
|
|
| | rhsa | | id | RHSA-2013:0218 | | released | 2013-01-31 | | severity | Moderate | | title | RHSA-2013:0218: xorg-x11-drv-qxl security update (Moderate) |
|
| | rpms | - xorg-x11-drv-qxl-0:0.0.14-14.el6_3
- xorg-x11-drv-qxl-debuginfo-0:0.0.14-14.el6_3
|
|
| refmap
via4
|
| confirm | | | mandriva | MDVSA-2013:138 | | mlist | - [oss-security] 20130130 CVE request -- qxl: synchronous io guest DoS
- [oss-security] 20130130 Re: CVE request -- qxl: synchronous io guest DoS
| | secunia | 52021 | | ubuntu | USN-1714-1 | | xf | qxl-virtual-spice-dos(81704) |
|
| Last major update |
13-02-2023 - 04:40 |
| Published |
13-02-2013 - 01:55 |
| Last modified |
13-02-2023 - 04:40 |
