151 matches found
CVE-2013-4151
The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...
CVE-2013-4537
The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...
DEBIAN-CVE-2013-4537
The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...
DEBIAN-CVE-2013-4529
Buffer overflow in hw/pci/pcieaer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large lognum value in a savevm image...
DEBIAN-CVE-2013-4538
Multiple buffer overflows in the ssd0323load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via crafted 1 cmdlen, 2 row, or 3 col values; 4 rowstart and rowend values; or 5 colstar and...
DEBIAN-CVE-2013-4148
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
CVE-2013-4533
Buffer overflow in the pxa2xxsspload function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s-rxlevel value in a savevm image...
CVE-2013-4151
The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...
CVE-2013-4531
Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpregvmstatearraylen in a savevm image...
CVE-2013-4541
The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...
CVE-2013-4530
Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted txfifohead and rxfifohead values in a savevm image...
CVE-2013-4539
Multiple buffer overflows in the tsc210xload function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted 1 precision, 2 nextprecision, 3 function, or 4 nextfunction value in a savevm image...
CVE-2013-4539
Multiple buffer overflows in the tsc210xload function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted 1 precision, 2 nextprecision, 3 function, or 4 nextfunction value in a savevm image...
DEBIAN-CVE-2013-4541
The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...
DEBIAN-CVE-2013-4151
The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...
CVE-2013-4540
Buffer overflow in scoopgpiohandlerupdate in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large 1 prevlevel, 2 gpiolevel, or 3 gpiodir value in a savevm image...
CVE-2013-4537
The ssisdtransfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image...
Integer overflow
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
Buffer overflow
Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted txfifohead and rxfifohead values in a savevm image...
Buffer overflow
Multiple buffer overflows in the ssd0323load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via crafted 1 cmdlen, 2 row, or 3 col values; 4 rowstart and rowend values; or 5 colstar and...