CVE-2013-4148
04.11.2014, 21:55
Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.Enginsight
| Vendor | Product | Version |
|---|---|---|
| qemu | qemu | 1.0 |
| qemu | qemu | 1.0:rc1 |
| qemu | qemu | 1.0:rc2 |
| qemu | qemu | 1.0:rc3 |
| qemu | qemu | 1.0:rc4 |
| qemu | qemu | 1.0.1 |
| qemu | qemu | 1.1 |
| qemu | qemu | 1.1:rc1 |
| qemu | qemu | 1.1:rc2 |
| qemu | qemu | 1.1:rc3 |
| qemu | qemu | 1.1:rc4 |
| qemu | qemu | 1.4.1 |
| qemu | qemu | 1.4.2 |
| qemu | qemu | 1.5.0 |
| qemu | qemu | 1.5.0:rc1 |
| qemu | qemu | 1.5.0:rc2 |
| qemu | qemu | 1.5.0:rc3 |
| qemu | qemu | 1.5.1 |
| qemu | qemu | 1.5.2 |
| qemu | qemu | 1.5.3 |
| qemu | qemu | 1.6.0 |
| qemu | qemu | 1.6.0:rc1 |
| qemu | qemu | 1.6.0:rc2 |
| qemu | qemu | 1.6.0:rc3 |
| qemu | qemu | 1.6.1 |
| qemu | qemu | 1.6.2 |
| qemu | qemu | 1.7.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References