Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x prior to 1.7.2 allows remote malicious users to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qemu qemu 1.0 |
||
qemu qemu 1.1 |
||
qemu qemu 1.6.0 |
||
qemu qemu 1.5.0 |
||
qemu qemu 1.5.3 |
||
qemu qemu 1.5.1 |
||
qemu qemu 1.5.2 |
||
qemu qemu 1.0.1 |
||
qemu qemu 1.7.1 |
||
qemu qemu 1.4.1 |
||
qemu qemu 1.4.2 |
||
qemu qemu 1.6.2 |
||
qemu qemu 1.6.1 |