CVE-2013-4344

EPSS 0.07%

qemu-kvm - security update

發布日:2013/10/4修改日:2026/4/28

描述

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

受影響套件(4)

Debian/qemufrom 0, < 1.6.0+dfsg-2
Debian/qemufrom 0, < 1.1.2+dfsg-6a+deb7u3
Debian/qemu-kvmfrom 0, < 1.1.2+dfsg-6+deb7u3
Debian/xenfrom 0, < 4.2-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4344