exploitDog

CVE-2013-4542

Опубликовано: 04 нояб. 2014

Источник: debian

EPSS Низкий

Описание

The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	2.1+dfsg-1		package
qemu	no-dsa		wheezy	package
qemu	no-dsa		squeeze	package
qemu-kvm	no-dsa		wheezy	package
qemu-kvm	removed			package
qemu-kvm	no-dsa		squeeze	package

Примечания

virtio-scsi support introduced in v1.1: http://wiki.qemu.org/ChangeLog/1.1

EPSS

Процентиль: 83%

0.02095

Низкий

Связанные уязвимости

CVE-2013-4542

ubuntu

почти 11 лет назад

The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.

CVE-2013-4542

redhat

больше 11 лет назад

The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.

CVE-2013-4542

nvd

почти 11 лет назад

The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.

GHSA-77m2-2x4h-2jg6

github

около 3 лет назад

The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.

ELSA-2014-0743

oracle-oval

около 11 лет назад

ELSA-2014-0743: qemu-kvm security and bug fix update (MODERATE)

EPSS

Процентиль: 83%

0.02095

Низкий