Details of VAR-201401-0178

ID

VAR-201401-0178

CVE

CVE-2013-4375

TITLE

Xen and QEMU of qemu-xen of qdisk PV Service disruption in disk backend (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-005859

DESCRIPTION

The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. Xen is an open source virtual machine monitor developed by the University of Cambridge. Xen 4.2.x, 4.3.x have errors related to mapping authorization references. A domain can be exploited to leak, and then another domain that shares the driver domain is denied service status. Xen is prone to a denial-of-service vulnerability. Successful exploits may allow an attacker to cause a denial-of-service condition. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201407-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Xen: Multiple Vunlerabilities Date: July 16, 2014 Bugs: #440768, #484478, #486354, #497082, #497084, #497086, #499054, #499124, #500528, #500530, #500536, #501080, #501906, #505714, #509054, #513824 ID: 201407-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Xen, the worst of which could lead to arbitrary code execution. Background ========== Xen is a bare-metal hypervisor. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-emulations/xen < 4.3.2-r4 >= 4.3.2-r4 *>= 4.2.4-r4 2 app-emulations/xen-tools < 4.3.2-r5 >= 4.3.2-r5 *>= 4.2.4-r6 3 app-emulations/xen-pvgrub < 4.3.2 *>= 4.3.2 *>= 4.2.4 ------------------------------------------------------------------- 3 affected packages Description =========== Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker can utilize multiple vectors to execute arbitrary code, cause Denial of Service, or gain access to data on the host. Workaround ========== There is no known workaround at this time. Resolution ========== All Xen 4.3 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulations/xen-4.3.2-r2" All Xen 4.2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulations/xen-4.2.4-r2" All xen-tools 4.3 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=app-emulations/xen-tools-4.3.2-r2" All xen-tools 4.2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=app-emulations/xen-tools-4.2.4-r2" All Xen PVGRUB 4.3 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=app-emulations/xen-pvgrub-4.3.2" All Xen PVGRUB 4.2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=app-emulations/xen-pvgrub-4.2.4" References ========== [ 1 ] CVE-2013-1442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1442 [ 2 ] CVE-2013-4329 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4329 [ 3 ] CVE-2013-4355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4355 [ 4 ] CVE-2013-4356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4356 [ 5 ] CVE-2013-4361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4361 [ 6 ] CVE-2013-4368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4368 [ 7 ] CVE-2013-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4369 [ 8 ] CVE-2013-4370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4370 [ 9 ] CVE-2013-4371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4371 [ 10 ] CVE-2013-4375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4375 [ 11 ] CVE-2013-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4416 [ 12 ] CVE-2013-4494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4494 [ 13 ] CVE-2013-4551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4551 [ 14 ] CVE-2013-4553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4553 [ 15 ] CVE-2013-4554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4554 [ 16 ] CVE-2013-6375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6375 [ 17 ] CVE-2013-6400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6400 [ 18 ] CVE-2013-6885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6885 [ 19 ] CVE-2013-6885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6885 [ 20 ] CVE-2014-1642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1642 [ 21 ] CVE-2014-1666 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1666 [ 22 ] CVE-2014-1891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1891 [ 23 ] CVE-2014-1892 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1892 [ 24 ] CVE-2014-1893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1893 [ 25 ] CVE-2014-1894 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1894 [ 26 ] CVE-2014-1895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1895 [ 27 ] CVE-2014-1896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1896 [ 28 ] CVE-2014-2599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2599 [ 29 ] CVE-2014-3124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3124 [ 30 ] CVE-2014-4021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4021 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201407-03.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ============================================================================ Ubuntu Security Notice USN-2092-1 January 30, 2014 qemu, qemu-kvm vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.10 - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: Several security issues were fixed in QEMU. Software Description: - qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Details: Asias He discovered that QEMU incorrectly handled SCSI controllers with more than 256 attached devices. A local user could possibly use this flaw to elevate privileges. (CVE-2013-4344) It was discovered that QEMU incorrectly handled Xen disks. A local guest could possibly use this flaw to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.10 and Ubuntu 13.10. (CVE-2013-4375) Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service. This issue only affected Ubuntu 13.10. (CVE-2013-4377) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.10: qemu-system 1.5.0+dfsg-3ubuntu5.3 qemu-system-arm 1.5.0+dfsg-3ubuntu5.3 qemu-system-mips 1.5.0+dfsg-3ubuntu5.3 qemu-system-misc 1.5.0+dfsg-3ubuntu5.3 qemu-system-ppc 1.5.0+dfsg-3ubuntu5.3 qemu-system-sparc 1.5.0+dfsg-3ubuntu5.3 qemu-system-x86 1.5.0+dfsg-3ubuntu5.3 Ubuntu 12.10: qemu-kvm 1.2.0+noroms-0ubuntu2.12.10.6 Ubuntu 12.04 LTS: qemu-kvm 1.0+noroms-0ubuntu14.13 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2092-1 CVE-2013-4344, CVE-2013-4375, CVE-2013-4377 Package Information: https://launchpad.net/ubuntu/+source/qemu/1.5.0+dfsg-3ubuntu5.3 https://launchpad.net/ubuntu/+source/qemu-kvm/1.2.0+noroms-0ubuntu2.12.10.6 https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.13

Trust: 2.61

sources: NVD: CVE-2013-4375 // JVNDB: JVNDB-2013-005859 // CNVD: CNVD-2013-13722 // BID: 62934 // PACKETSTORM: 127477 // PACKETSTORM: 125004

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-13722

AFFECTED PRODUCTS

vendor:	qemu	model:	qemu	scope:	eq	version:	1.1	Trust: 1.6
vendor:	xen	model:	xen	scope:	eq	version:	4.2.0	Trust: 1.0
vendor:	xen	model:	xen	scope:	eq	version:	4.3.0	Trust: 1.0
vendor:	xen	model:	xen	scope:	eq	version:	4.2.3	Trust: 1.0
vendor:	xen	model:	xen	scope:	eq	version:	4.2.2	Trust: 1.0
vendor:	xen	model:	xen	scope:	eq	version:	4.2.1	Trust: 1.0
vendor:	fabrice bellard	model:	qemu	scope:	eq	version:	1.1 and other versions	Trust: 0.8
vendor:	xen	model:	xen	scope:	eq	version:	4.2.x	Trust: 0.8
vendor:	xen	model:	xen	scope:	lt	version:	4.3.x	Trust: 0.8
vendor:	xen	model:	xen	scope:	eq	version:	4.3.1	Trust: 0.8
vendor:	xensource	model:	xen	scope:	eq	version:	4.2.x	Trust: 0.6
vendor:	xensource	model:	xen	scope:	eq	version:	4.3.x	Trust: 0.6
vendor:	xen	model:	xen	scope:	eq	version:	4.3	Trust: 0.3
vendor:	xen	model:	xen	scope:	eq	version:	4.2	Trust: 0.3
vendor:	ubuntu	model:	linux	scope:	eq	version:	13.10	Trust: 0.3
vendor:	ubuntu	model:	linux	scope:	eq	version:	12.10	Trust: 0.3
vendor:	ubuntu	model:	linux lts	scope:	eq	version:	12.04	Trust: 0.3
vendor:	suse	model:	linux enterprise software development kit sp3	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp3	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop sp3	scope:	eq	version:	11	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2013-13722 // BID: 62934 // JVNDB: JVNDB-2013-005859 // CNNVD: CNNVD-201310-521 // NVD: CVE-2013-4375

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-4375
value:	LOW
Trust: 1.0
NVD:	CVE-2013-4375
value:	LOW
Trust: 0.8
CNVD:	CNVD-2013-13722
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-201310-521
value:	LOW
Trust: 0.6

nvd@nist.gov:	CVE-2013-4375
severity:	LOW
baseScore:	2.7
vectorString:	AV:A/AC:L/AU:S/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	5.1
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-13722
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2013-13722 // JVNDB: JVNDB-2013-005859 // CNNVD: CNNVD-201310-521 // NVD: CVE-2013-4375

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.8

sources: JVNDB: JVNDB-2013-005859 // NVD: CVE-2013-4375

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201310-521

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201310-521

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005859

PATCH

title:	Xen 4.3.1	url:	http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html	Trust: 0.8
title:	Main Page	url:	http://wiki.qemu.org/Main_Page	Trust: 0.8
title:	XSA-71	url:	http://xenbits.xen.org/xsa/advisory-71.html	Trust: 0.8
title:	Xen QEMU Mapping Authorization Reference Denial of Service Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/40192	Trust: 0.6

sources: CNVD: CNVD-2013-13722 // JVNDB: JVNDB-2013-005859

EXTERNAL IDS

db:	NVD	id:	CVE-2013-4375	Trust: 3.5
db:	OPENWALL	id:	OSS-SECURITY/2013/10/10/14	Trust: 2.2
db:	BID	id:	62934	Trust: 1.5
db:	JVNDB	id:	JVNDB-2013-005859	Trust: 0.8
db:	SECUNIA	id:	55229	Trust: 0.6
db:	CNVD	id:	CNVD-2013-13722	Trust: 0.6
db:	MLIST	id:	[OSS-SECURITY] 20131010 XEN SECURITY ADVISORY 71 (CVE-2013-4375) - QEMU DISK BACKEND (QDISK) RESOURCE LEAK	Trust: 0.6
db:	SECUNIA	id:	56227	Trust: 0.6
db:	SECUNIA	id:	56231	Trust: 0.6
db:	SECUNIA	id:	56069	Trust: 0.6
db:	CNNVD	id:	CNNVD-201310-521	Trust: 0.6
db:	PACKETSTORM	id:	127477	Trust: 0.1
db:	PACKETSTORM	id:	125004	Trust: 0.1

sources: CNVD: CNVD-2013-13722 // BID: 62934 // JVNDB: JVNDB-2013-005859 // PACKETSTORM: 127477 // PACKETSTORM: 125004 // CNNVD: CNNVD-201310-521 // NVD: CVE-2013-4375

REFERENCES

url:	http://www.openwall.com/lists/oss-security/2013/10/10/14	Trust: 2.2
url:	http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html	Trust: 1.6
url:	http://security.gentoo.org/glsa/glsa-201407-03.xml	Trust: 1.1
url:	http://www.ubuntu.com/usn/usn-2092-1	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4375	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4375	Trust: 0.8
url:	http://secunia.com/advisories/55229/	Trust: 0.6
url:	http://secunia.com/advisories/56069	Trust: 0.6
url:	http://secunia.com/advisories/56227	Trust: 0.6
url:	http://secunia.com/advisories/56231	Trust: 0.6
url:	http://www.securityfocus.com/bid/62934	Trust: 0.6
url:	http://xen.xensource.com/	Trust: 0.3
url:	http://seclists.org/oss-sec/2013/q4/62	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4375	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4356	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4494	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-4021	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4370	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-1442	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1892	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1894	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4370	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4361	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4551	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3124	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6375	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1666	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1894	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2599	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4416	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4361	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4369	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4553	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1666	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4554	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1892	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1895	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1895	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1893	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4371	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-6400	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4356	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4329	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4368	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4329	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1896	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4355	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1891	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4375	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1893	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4355	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1891	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6885	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1442	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4371	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4494	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-6885	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3124	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4368	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1642	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1896	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4369	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4551	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-1642	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-6375	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-2599	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6400	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4553	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4416	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.13	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4344	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4377	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/qemu/1.5.0+dfsg-3ubuntu5.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/qemu-kvm/1.2.0+noroms-0ubuntu2.12.10.6	Trust: 0.1

sources: CNVD: CNVD-2013-13722 // BID: 62934 // JVNDB: JVNDB-2013-005859 // PACKETSTORM: 127477 // PACKETSTORM: 125004 // CNNVD: CNNVD-201310-521 // NVD: CVE-2013-4375

CREDITS

Coverity Scan and Matthew Daley

Trust: 0.9

sources: BID: 62934 // CNNVD: CNNVD-201310-521

SOURCES

db:	CNVD	id:	CNVD-2013-13722
db:	BID	id:	62934
db:	JVNDB	id:	JVNDB-2013-005859
db:	PACKETSTORM	id:	127477
db:	PACKETSTORM	id:	125004
db:	CNNVD	id:	CNNVD-201310-521
db:	NVD	id:	CVE-2013-4375

LAST UPDATE DATE

2024-08-14T13:14:32.946000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-13722	date:	2013-10-16T00:00:00
db:	BID	id:	62934	date:	2015-04-13T22:04:00
db:	JVNDB	id:	JVNDB-2013-005859	date:	2014-01-22T00:00:00
db:	CNNVD	id:	CNNVD-201310-521	date:	2014-01-22T00:00:00
db:	NVD	id:	CVE-2013-4375	date:	2017-01-07T02:59:11.327

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-13722	date:	2013-10-15T00:00:00
db:	BID	id:	62934	date:	2013-10-10T00:00:00
db:	JVNDB	id:	JVNDB-2013-005859	date:	2014-01-22T00:00:00
db:	PACKETSTORM	id:	127477	date:	2014-07-16T22:25:37
db:	PACKETSTORM	id:	125004	date:	2014-01-31T01:24:20
db:	CNNVD	id:	CNNVD-201310-521	date:	2013-10-23T00:00:00
db:	NVD	id:	CVE-2013-4375	date:	2014-01-19T18:55:02.560