Published: 04/11/2014 Updated: 13/02/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU prior to 1.7.2 allow remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu 1.0
qemu qemu 0.12.2
qemu qemu 0.12.0
qemu qemu
qemu qemu 1.1
qemu qemu 1.6.0
qemu qemu 0.1.6
qemu qemu 1.5.0
qemu qemu 0.13.0
qemu qemu 0.5.3
qemu qemu 0.4.2
qemu qemu 0.10.3
qemu qemu 1.5.3
qemu qemu 0.15.2
qemu qemu 0.11.0-rc1
qemu qemu 0.1.5
qemu qemu 1.5.1
qemu qemu 0.5.1
qemu qemu 0.8.2
qemu qemu 0.11.0
qemu qemu 0.5.5
qemu qemu 0.10.1
qemu qemu 0.9.0
qemu qemu 0.7.2
qemu qemu 0.12.5
qemu qemu 0.1.3
qemu qemu 0.14.0
qemu qemu 0.11.1
qemu qemu 1.5.2
qemu qemu 0.7.1
qemu qemu 0.9.1-5
qemu qemu 1.0.1
qemu qemu 0.15.0
qemu qemu 0.5.0
qemu qemu 0.14.1
qemu qemu 0.8.1
qemu qemu 0.11.0-rc2
qemu qemu 0.10.0
qemu qemu 0.15.1
qemu qemu 0.4.1
qemu qemu 1.4.1
qemu qemu 0.5.2
qemu qemu 0.12.3
qemu qemu 0.1.1
qemu qemu 1.4.2
qemu qemu 0.7.0
qemu qemu 0.1.4
qemu qemu 0.9.1
qemu qemu 0.6.0
qemu qemu 0.6.1
qemu qemu 1.6.2
qemu qemu 0.10.6
qemu qemu 1.6.1
qemu qemu 0.11.0-rc0
qemu qemu 0.4.3
qemu qemu 0.1.2
qemu qemu 0.5.4
qemu qemu 0.12.4
qemu qemu 0.10.5
qemu qemu 0.10.4
qemu qemu 0.10.2
qemu qemu 0.12.1
qemu qemu 0.8.0
qemu qemu 0.1.0
qemu qemu 0.2.0
qemu qemu 0.3.0
qemu qemu 0.4.0

Debian Bug report logs - #739589 multiple security flaws in migration stream processing Package: qemu; Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 20 Feb 2014 08:36:01 UT ...

Several security issues were fixed in QEMU ...

Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323c in QEMU before 172 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image ...

CWE-119 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ead7a57df37d2187813a121308213f41591bd811 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739589 https://usn.ubuntu.com/2342-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2013-4538

CVE-2013-4538

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect