CVE-2013-0241

The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information.

Published: Feb 13, 2013
Updated: Nov 8, 2023
CVE: CVE-2013-0241
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
qxl_graphics_driver_project / xf86-video-qxl	0.1.0	0.1.0.x
canonical / ubuntu_linux	11.10	11.10.x
canonical / ubuntu_linux	12.04	12.04.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x

http://rhn.redhat.com/errata/RHSA-2013-0218.html
http://secunia.com/advisories/52021
http://www.mandriva.com/security/advisories?name=MDVSA-2013:138
http://www.openwall.com/lists/oss-security/2013/01/30/3
http://www.openwall.com/lists/oss-security/2013/01/30/4
http://www.ubuntu.com/usn/USN-1714-1
https://bugzilla.redhat.com/show_bug.cgi?id=906032
https://exchange.xforce.ibmcloud.com/vulnerabilities/81704
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0036

Vulnerability Database

290,476

CVE-2013-0241