Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-4536

Опубликовано: 28 мая 2021
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.6
CVSS3: 7.8

Описание

An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

РелизСтатусПримечание
devel

not-affected

2.1+dfsg-2ubuntu1
esm-infra-legacy/trusty

not-affected

2.0.0+dfsg-2ubuntu1.3
lucid

DNE

precise

DNE

quantal

DNE

saucy

ignored

end of life
trusty

released

2.0.0+dfsg-2ubuntu1.3
trusty/esm

not-affected

2.0.0+dfsg-2ubuntu1.3
upstream

needed

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

lucid

not-affected

code not present
precise

released

1.0+noroms-0ubuntu14.17
quantal

ignored

end of life
saucy

DNE

trusty

DNE

trusty/esm

DNE

upstream

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 12%
0.00044
Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2013-4536

redhat
больше 11 лет назад

An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

nvd логотип

CVE-2013-4536

CVSS3: 7.8
nvd
около 4 лет назад

An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

debian логотип

CVE-2013-4536

CVSS3: 7.8
debian
около 4 лет назад

An user able to alter the savevm data (either on the disk or over the ...

github логотип

GHSA-9gq4-xvgv-m3gv

CVSS3: 7.8
github
больше 3 лет назад

An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

fstec логотип

BDU:2021-04590

CVSS3: 7.8
fstec
около 12 лет назад

Уязвимость функционала savevm эмулятора аппаратного обеспечения QEMU, связанная с небезопасным управлением привилегиями, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 12%
0.00044
Низкий

4.6 Medium

CVSS2

7.8 High

CVSS3