The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-11-04T21:00:00

Updated: 2024-08-06T16:45:15.106Z

Reserved: 2013-06-12T00:00:00

Link: CVE-2013-4542

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-11-04T21:55:25.017

Modified: 2023-02-13T04:47:30.420

Link: CVE-2013-4542

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-12-03T00:00:00Z

Links: CVE-2013-4542 - Bugzilla