Описание
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.1+dfsg-2ubuntu1 |
| esm-infra-legacy/trusty | released | 2.0.0+dfsg-2ubuntu1.3 |
| lucid | DNE | |
| precise | DNE | |
| quantal | DNE | |
| saucy | ignored | end of life |
| trusty | released | 2.0.0+dfsg-2ubuntu1.3 |
| trusty/esm | released | 2.0.0+dfsg-2ubuntu1.3 |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | not-affected | code not present |
| precise | not-affected | code not present |
| quantal | ignored | end of life |
| saucy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needed |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU be ...
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
ELSA-2014-0743: qemu-kvm security and bug fix update (MODERATE)
EPSS
7.5 High
CVSS2