Executive Summary

Informations
Name CVE-2013-0241 First vendor Publication 2013-02-12
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 2.1 Attack Range Local
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0241

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18258
 
Oval ID: oval:org.mitre.oval:def:18258
Title: USN-1714-1 -- xserver-xorg-video-qxl vulnerability
Description: Guests using the QXL graphics driver could be caused to hang or crash.
Family: unix Class: patch
Reference(s): USN-1714-1
CVE-2013-0241
 Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.10
 Product(s): xserver-xorg-video-qxl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20722
 
Oval ID: oval:org.mitre.oval:def:20722
Title: RHSA-2013:0218: xorg-x11-drv-qxl security update (Moderate)
Description: The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): RHSA-2013:0218-01
CESA-2013:0218
CVE-2013-0241
 Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
 Product(s): xorg-x11-drv-qxl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23075
 
Oval ID: oval:org.mitre.oval:def:23075
Title: ELSA-2013:0218: xorg-x11-drv-qxl security update (Moderate)
Description: The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): ELSA-2013:0218-01
CVE-2013-0241
 Version: 6
Platform(s): Oracle Linux 6
 Product(s): xorg-x11-drv-qxl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27519
 
Oval ID: oval:org.mitre.oval:def:27519
Title: DEPRECATED: ELSA-2013-0218 -- xorg-x11-drv-qxl security update (moderate)
Description: [0.0.14-14.el6] - backport of upstream commit 30b4b72cdbdf9f0e92a8d1c4e01779f60f15a741 support _ASYNC io calls and interrupt handling (busy wait) Related: #888364
Family: unix Class: patch
Reference(s): ELSA-2013-0218
CVE-2013-0241
 Version: 4
Platform(s): Oracle Linux 6
 Product(s): xorg-x11-drv-qxl
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 2
Os 1
Os 1
Os 1
Os 1

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2013-0218.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing a security update.
File : mandriva_MDVSA-2013-138.nasl - Type : ACT_GATHER_INFO
2013-02-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1714-1.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130131_xorg_x11_drv_qxl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-01 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2013-0218.nasl - Type : ACT_GATHER_INFO
2013-02-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0218.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://rhn.redhat.com/errata/RHSA-2013-0218.html
http://secunia.com/advisories/52021
http://www.mandriva.com/security/advisories?name=MDVSA-2013:138
http://www.openwall.com/lists/oss-security/2013/01/30/3
http://www.openwall.com/lists/oss-security/2013/01/30/4
http://www.ubuntu.com/usn/USN-1714-1
https://bugzilla.redhat.com/show_bug.cgi?id=906032
https://exchange.xforce.ibmcloud.com/vulnerabilities/81704
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0036
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
Date Informations
2024-11-28 12:33:03
  • Multiple Updates
2023-11-07 21:46:26
  • Multiple Updates
2023-02-13 09:28:35
  • Multiple Updates
2021-05-04 12:23:17
  • Multiple Updates
2021-04-22 01:27:49
  • Multiple Updates
2020-05-23 00:35:41
  • Multiple Updates
2017-08-29 09:24:12
  • Multiple Updates
2016-04-26 22:39:43
  • Multiple Updates
2014-02-17 11:15:28
  • Multiple Updates
2014-02-07 13:20:10
  • Multiple Updates
2013-05-10 22:28:00
  • Multiple Updates
2013-02-13 21:21:14
  • Multiple Updates
2013-02-13 13:19:57
  • First insertion