{"containers": {"cna": {"affected": [{"product": "qemu", "vendor": "n/a", "versions": [{"status": "affected", "version": "qemu-kvm 1.5.3"}]}], "descriptions": [{"lang": "en", "value": "An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-07-27T15:06:36", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066401"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210727-0002/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4536", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "qemu", "version": {"version_data": [{"version_value": "qemu-kvm 1.5.3"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1066401", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066401"}, {"name": "https://security.netapp.com/advisory/ntap-20210727-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210727-0002/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:45:14.837Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066401"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210727-0002/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-4536", "datePublished": "2021-05-28T16:58:49", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2024-08-06T16:45:14.837Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "matchCriteriaId": "0192677A-9E6D-4899-BE85-CE38733501A3", "versionEndExcluding": "1.5.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process."}, {"lang": "es", "value": "Un usuario capaz de alterar los datos de savevm (ya sea en el disco o por cable durante la migraci\u00f3n) podr\u00eda usar este fallo para corromper la memoria del proceso de QEMU en el host (de destino), lo que potencialmente podr\u00eda resultar en una ejecuci\u00f3n de c\u00f3digo arbitraria en el host con los privilegios del proceso QEMU"}], "id": "CVE-2013-4536", "lastModified": "2024-11-21T01:55:47.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-28T17:15:07.350", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066401"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210727-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066401"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210727-0002/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "This issue was discovered by Anthony Liguori, Michael Roth, and Michael S. Tsirkin (Red Hat).", "affected_release": [{"advisory": "RHSA-2014:0888", "cpe": "cpe:/a:redhat:openstack:3::el6", "package": "qemu-kvm-rhev-2:0.12.1.2-2.415.el6_5.10", "product_name": "OpenStack 3 for RHEL 6", "release_date": "2014-07-24T00:00:00Z"}, {"advisory": "RHSA-2014:0888", "cpe": "cpe:/a:redhat:openstack:4::el6", "package": "qemu-kvm-rhev-2:0.12.1.2-2.415.el6_5.10", "product_name": "OpenStack 4 for RHEL 6", "release_date": "2014-07-24T00:00:00Z"}, {"advisory": "RHSA-2014:0743", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "qemu-kvm-2:0.12.1.2-2.415.el6_5.10", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2014-06-10T00:00:00Z"}, {"advisory": "RHSA-2014:0927", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "qemu-kvm-10:1.5.3-60.el7_0.5", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2014-07-23T00:00:00Z"}, {"advisory": "RHSA-2014:1268", "cpe": "cpe:/a:redhat:openstack:5::el7", "package": "qemu-kvm-rhev-10:1.5.3-60.el7_0.7", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "release_date": "2014-09-22T00:00:00Z"}, {"advisory": "RHSA-2014:0744", "cpe": "cpe:/a:redhat:enterprise_linux:6::hypervisor", "package": "qemu-kvm-rhev-2:0.12.1.2-2.415.el6_5.10", "product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6", "release_date": "2014-06-10T00:00:00Z"}, {"advisory": "RHSA-2014:0674", "cpe": "cpe:/o:redhat:enterprise_linux:6::hypervisor", "package": "rhev-hypervisor6-0:6.5-20140603.2.el6ev", "product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6", "release_date": "2014-06-09T00:00:00Z"}], "bugzilla": {"description": "qemu: virtio: insufficient validation of num_sg when mapping", "id": "1066401", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066401"}, "csaw": false, "cvss": {"cvss_base_score": "3.7", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-119", "details": ["An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process."], "name": "CVE-2013-4536", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kvm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2013-12-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-4536\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-4536"], "threat_severity": "Moderate", "upstream_fix": "qemu-kvm 1.5.3"}