CVE-2013-4344

Published: Oct 4, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2014:1281

vendor-advisory

x_refsource_SUSE

62773

vdb-entry

x_refsource_BID

[qemu-devel] 20131009 [ANNOUNCE] QEMU 1.6.1 Stable released

mailing-list

x_refsource_MLIST

openSUSE-SU-2014:1279

vendor-advisory

x_refsource_SUSE

[oss-security] 20131002 Xen Security Advisory 65 (CVE-2013-4344) - qemu SCSI REPORT LUNS buffer overflow

mailing-list

x_refsource_MLIST

98028

vdb-entry

x_refsource_OSVDB

RHSA-2013:1754

vendor-advisory

x_refsource_REDHAT

RHSA-2013:1553

vendor-advisory

x_refsource_REDHAT

USN-2092-1

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4344

Description

Affected Products

References