PT-2013-1144 · Qemu+4 · Qemu+5

Asias He

Publicado

2013-10-04

Atualizado

2020-08-11

CVE-2013-4344

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified) SUSE Linux Enterprise (affected versions not specified)

Description The issue concerns a buffer overflow in the SCSI implementation, potentially allowing local users to gain privileges. This could lead to a breach of confidentiality, integrity, and availability of protected information. The exploitation can be carried out locally by an authenticated attacker.

Recommendations For QEMU, consider restricting access to the SCSI implementation until a patch is available. For SUSE Linux Enterprise, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120

Identificadores relacionados

ALT-PU-2013-1219

BDU:2015-04319

CESA-2013_1553

CVE-2013-4344

DSA-2932-1

DSA-2933-1

MGASA-2013-0341

OPENSUSE-SU-2014_1279-1

OPENSUSE-SU-2014_1281-1

RHSA-2013:1527

RHSA-2013:1553

RHSA-2013:1754

RHSA-2013_1553

SUSE-SU-2014_1318-1

SUSE-SU-2015:0870-1

SUSE-SU-2015:0889-1

SUSE-SU-2015:1152-1

Produtos afetados

Alt Linux

Centos

Qemu

Red Hat

Suse Linux Enterprise

Suse

PT-2013-1144 · Qemu+4 · Qemu+5

CVE-2013-4344

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 87