Launchpad.net

CVE 2013-4540

Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.

Related bugs and status

CVE-2013-4540 (Candidate) is related to these bugs:

Bug #1322204: image format input validation fixes tracking bug

		In	Importance	Status
1322204	image format input validation fixes tracking bug	qemu (Ubuntu)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Utopic)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Saucy)	Undecided	Won't Fix
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Trusty)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Lucid)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu (Ubuntu Precise)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Lucid)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Precise)	Undecided	Fix Released
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Saucy)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Trusty)	Undecided	Invalid
1322204	image format input validation fixes tracking bug	qemu-kvm (Ubuntu Utopic)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-4540

Related bugs and status

Related bugs

References