CVE-2019-13164

🗓️ 03 Jul 2019 13:56:52Reported by mitreType

qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name is limited to the IFNAMSIZ size, leading to an ACL bypass

Reporter	Title	Published	Views	Family All 81
IBM Security Bulletins	Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze	24 Jul 202021:16	–	ibm
ATTACKERKB	CVE-2019-13164	10 Oct 201914:15	–	attackerkb
Cvelist	CVE-2019-13164	3 Jul 201913:56	–	cvelist
Debian	[SECURITY] [DLA 1927-1] qemu security update	20 Sep 201909:19	–	debian
Debian	[SECURITY] [DSA 4506-1] qemu security update	24 Aug 201909:55	–	debian
Debian	[SECURITY] [DSA 4512-1] qemu security update	2 Sep 201917:58	–	debian
Debian CVE	CVE-2019-13164	3 Jul 201913:56	–	debiancve
Tenable Nessus	Debian DLA-1927-1 : qemu security update	23 Sep 201900:00	–	nessus
Tenable Nessus	Debian DSA-4506-1 : qemu - security update	27 Aug 201900:00	–	nessus
Tenable Nessus	Debian DSA-4512-1 : qemu - security update	3 Sep 201900:00	–	nessus

NVD

Node

qemu qemuMatch3.1

qemu qemuMatch4.0.0

Node

Node

Node

Source	Link
seclists	www.seclists.org/bugtraq/2019/Sep/3
usn	www.usn.ubuntu.com/4191-1/
github	www.github.com/qemu/qemu/commit/03d7712b4bcd47bfe0fe14ba2fffa87e111fa086
lists	www.lists.opensuse.org/opensuse-security-announce/2019-09/msg00000.html
seclists	www.seclists.org/bugtraq/2019/Aug/41
usn	www.usn.ubuntu.com/4191-2/
security	www.security.gentoo.org/glsa/202003-66
debian	www.debian.org/security/2019/dsa-4506
debian	www.debian.org/security/2019/dsa-4512
lists	www.lists.gnu.org/archive/html/qemu-devel/2019-07/msg00145.html

21 Nov 2024 04:24Current

7.3High risk

Vulners AI Score7.3

CVSS 24.6

CVSS 3.17.8

EPSS0.0002