CVE-2013-4151

Опубликовано: 04 нояб. 2014

Источник: debian

EPSS Низкий

Описание

The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	2.1+dfsg-1		package
qemu	no-dsa		wheezy	package
qemu	no-dsa		squeeze	package
qemu-kvm	removed			package
qemu-kvm	no-dsa		wheezy	package
qemu-kvm	no-dsa		squeeze	package

EPSS

Процентиль: 80%

0.01385

Низкий

Связанные уязвимости

CVE-2013-4151

ubuntu

почти 11 лет назад

The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.

CVE-2013-4151

redhat

больше 11 лет назад

The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.

CVE-2013-4151

nvd

почти 11 лет назад

The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.

GHSA-rxxv-p4v6-jrg6

github

около 3 лет назад

The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.

ELSA-2014-0743

oracle-oval

около 11 лет назад

ELSA-2014-0743: qemu-kvm security and bug fix update (MODERATE)

EPSS

Процентиль: 80%

0.01385

Низкий