Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Good to know:
Date: April 14, 2014
drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.
Related Resources (5)
Upgrade to version 3.13.10
|Attack Vector (AV):||ADJACENT_NETWORK|
|Attack Complexity (AC):||HIGH|
|Privileges Required (PR):||LOW|
|User Interaction (UI):||NONE|
|Access Vector (AV):||ADJACENT|
|Access Complexity (AC):||HIGH|