17 matches found
EUVD-2013-4075
Malware in sbrugna...
EUVD-2013-4077
Malware in sbrugna...
Remote Code Execution (RCE)
QEMU is vulnerable to remote code execution. An integer overflow in the virtionetload function in hw/net/virtio-net.c allows a remote attacker to execute arbitrary code via a malicious savevm image...
CVE-2013-4150
The virtionetload function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of currqueues is greater than maxqueues, which triggers an out-of-bounds write...
CVE-2013-4150
The virtionetload function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of currqueues is greater than maxqueues, which triggers an out-of-bounds write...
CVE-2013-4148
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
CVE-2013-4149
Buffer overflow in virtionetload function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table...
Out-of-bounds
The virtionetload function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of currqueues is greater than maxqueues, which triggers an out-of-bounds write...
Buffer overflow
Buffer overflow in virtionetload function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table...
Integer overflow
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
CVE-2013-4148
The CVE-2013-4148 entry applies to QEMU 1.x prior to 1.7.2, where an integer signedness error in hw/net/virtio-net.c (virtio_net_load) can trigger a buffer overflow when loading a crafted savevm image. This enables remote code execution with the privileges of the QEMU process, via a state-load/mi...
CVE-2013-4149
Buffer overflow in virtionetload function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table...
CVE-2013-4149
CVE-2013-4149 : In QEMU 1.3.0–1.7.x (before 1.7.2), a buffer overflow in virtio_net_load (net/virtio-net.c) can be triggered by a large MAC table, allowing a remote attacker to execute arbitrary code. Impact: potential full host compromise; CVSS from NVD is 7.5. Remediation: update to QEMU 1.7.2 ...
CVE-2013-4150
CVE-2013-4150 affects QEMU 1.5.0–1.7.x before 1.7.2. The vulnerability is in virtio_net_load in hw/net/virtio-net.c: when curr_queues > max_queues, an out-of-bounds write occurs, enabling denial of service and potentially arbitrary code execution. Supported by multiple advisories (e.g., OpenVA...
CVE-2013-4149
Buffer overflow in virtionetload function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table...
CVE-2013-4149
Buffer overflow in virtionetload function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table...
CVE-2013-4148
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...