CVE-2013-4537

Опубликовано: 03 дек. 2013

Источник: redhat

CVSS2: 3.7

EPSS Низкий

Описание

The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.

Отчет

Not vulnerable. This issue does not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5. This issue does not affect the versions of qemu-kvm package as shipped with Red Hat Enterprise Linux 6

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kvm	Not affected
Red Hat Enterprise Linux 6	qemu-kvm	Not affected
Red Hat Enterprise Linux 7	qemu-kvm	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1066394qemu: ssi-sd: buffer overrun on invalid state load

EPSS

Процентиль: 83%

0.01904

Низкий

3.7 Low

CVSS2

Связанные уязвимости

CVE-2013-4537

ubuntu

больше 11 лет назад

The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.

CVE-2013-4537

nvd

больше 11 лет назад

The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.

CVE-2013-4537

debian

больше 11 лет назад

The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 al ...

GHSA-mhh8-cmv6-m67q

github

больше 3 лет назад

The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.

openSUSE-SU-2016:0914-1

suse-cvrf

почти 10 лет назад

Security update for xen

EPSS

Процентиль: 83%

0.01904

Низкий

3.7 Low

CVSS2