Launchpad.net

CVE 2013-4538

Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.

Related bugs and status

CVE-2013-4538 (Candidate) is related to these bugs:

Bug #1322204: image format input validation fixes tracking bug

		In	Importance	Status
1322204	image format input validation fixes tracking bug	qemu (Ubuntu)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Utopic)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Saucy)	Undecided	Won't Fix
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Trusty)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Lucid)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Precise)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Lucid)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Precise)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Saucy)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Trusty)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Utopic)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-4538

Related bugs and status

Related bugs

References