Buffer overflow

2013-10-0417:55:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

CPENameOperatorVersion
ubuntu_linuxeq13.10
ubuntu_linuxeq12.10
ubuntu_linuxeq12.04
opensuseeq12.3
opensuseeq13.1
qemule1.6.2
enterprise_linux_desktopeq6.0
enterprise_linux_servereq6.0
enterprise_linux_workstationeq6.0
virtualizationeq3.0

Name	Operator	Version
ubuntu_linux	eq	13.10
ubuntu_linux	eq	12.10
ubuntu_linux	eq	12.04
opensuse	eq	12.3
opensuse	eq	13.1
qemu	le	1.6.2
enterprise_linux_desktop	eq	6.0
enterprise_linux_server	eq	6.0
enterprise_linux_workstation	eq	6.0
virtualization	eq	3.0