fkie_nvd - fkie_cve-2013-4538

FKIE_CVE-2013-4538

Vulnerability from fkie_nvd - Published: 2014-11-04 21:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.

References

URL	Tags
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ead7a57df37d2187813a121308213f41591bd811
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
secalert@redhat.com	http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html
secalert@redhat.com	http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ead7a57df37d2187813a121308213f41591bd811
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html	Patch

Impacted products

Vendor	Product	Version
qemu	qemu	*
qemu	qemu	0.1.0
qemu	qemu	0.1.1
qemu	qemu	0.1.2
qemu	qemu	0.1.3
qemu	qemu	0.1.4
qemu	qemu	0.1.5
qemu	qemu	0.1.6
qemu	qemu	0.2.0
qemu	qemu	0.3.0
qemu	qemu	0.4.0
qemu	qemu	0.4.1
qemu	qemu	0.4.2
qemu	qemu	0.4.3
qemu	qemu	0.5.0
qemu	qemu	0.5.1
qemu	qemu	0.5.2
qemu	qemu	0.5.3
qemu	qemu	0.5.4
qemu	qemu	0.5.5
qemu	qemu	0.6.0
qemu	qemu	0.6.1
qemu	qemu	0.7.0
qemu	qemu	0.7.1
qemu	qemu	0.7.2
qemu	qemu	0.8.0
qemu	qemu	0.8.1
qemu	qemu	0.8.2
qemu	qemu	0.9.0
qemu	qemu	0.9.1
qemu	qemu	0.9.1-5
qemu	qemu	0.10.0
qemu	qemu	0.10.1
qemu	qemu	0.10.2
qemu	qemu	0.10.3
qemu	qemu	0.10.4
qemu	qemu	0.10.5
qemu	qemu	0.10.6
qemu	qemu	0.11.0
qemu	qemu	0.11.0
qemu	qemu	0.11.0
qemu	qemu	0.11.0
qemu	qemu	0.11.0-rc0
qemu	qemu	0.11.0-rc1
qemu	qemu	0.11.0-rc2
qemu	qemu	0.11.1
qemu	qemu	0.12.0
qemu	qemu	0.12.0
qemu	qemu	0.12.0
qemu	qemu	0.12.1
qemu	qemu	0.12.2
qemu	qemu	0.12.3
qemu	qemu	0.12.4
qemu	qemu	0.12.5
qemu	qemu	0.13.0
qemu	qemu	0.13.0
qemu	qemu	0.13.0
qemu	qemu	0.14.0
qemu	qemu	0.14.0
qemu	qemu	0.14.0
qemu	qemu	0.14.0
qemu	qemu	0.14.1
qemu	qemu	0.15.0
qemu	qemu	0.15.0
qemu	qemu	0.15.1
qemu	qemu	0.15.2
qemu	qemu	1.0
qemu	qemu	1.0
qemu	qemu	1.0
qemu	qemu	1.0
qemu	qemu	1.0
qemu	qemu	1.0.1
qemu	qemu	1.1
qemu	qemu	1.1
qemu	qemu	1.1
qemu	qemu	1.1
qemu	qemu	1.1
qemu	qemu	1.4.1
qemu	qemu	1.4.2
qemu	qemu	1.5.0
qemu	qemu	1.5.0
qemu	qemu	1.5.0
qemu	qemu	1.5.0
qemu	qemu	1.5.1
qemu	qemu	1.5.2
qemu	qemu	1.5.3
qemu	qemu	1.6.0
qemu	qemu	1.6.0
qemu	qemu	1.6.0
qemu	qemu	1.6.0
qemu	qemu	1.6.1
qemu	qemu	1.6.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "535B1295-C195-4EFD-8509-C6DE3FAF3F3E",
              "versionEndIncluding": "1.7.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC82CD08-F151-489C-9BC4-50C8C9583718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "75D04344-C6CE-40D5-97ED-42B3DBA1AAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "71CC4D45-66BE-4C23-B541-DD4604ACC9FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E41058D-380C-4098-96FB-53CC158ED420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE12226-C599-45A2-8CFD-32753F94204B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C06F8832-B32F-4352-B048-A4ADCE85373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5278C685-988B-40D7-9AE9-B4FB8AF41C8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6C6B20B-2E5D-4D25-885A-227A4BE5EEBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2FF7251-031D-4A9B-9AF0-1FFE556456D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D942D17-1AA9-4D5A-8F5E-0F4F762522D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2519BF-5F68-4096-8DE2-2C7BCF7200D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B00BD71-2AE5-47BA-999A-7E89590B86C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA6701A9-78CC-49D0-A40A-CB1C774400AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "40B5A7F2-B5B2-46CF-BBD0-AB986A8E55EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBEBD56F-EFBC-4620-A77C-E215A7AFDAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C45EA44-ECD1-40A7-89CE-D770BDC9DB4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "83088B0F-A6F8-4F47-99C0-09FEA234272F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "17E948D4-6C1A-43D2-B128-1A728FD61703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6470915C-CA3C-42CA-B69B-0FC40A33D02D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "759505BA-6F19-4BAE-8297-D8F30EEC8D8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A98CC34-2DB7-46CD-AA60-A7C08DDF22B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E424B63B-DCD8-4209-A4CB-84C1EDF5B255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9576AA2-2FDD-4063-8D84-DE8DB063AC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "544368B2-37BE-41DD-8DC2-F04B6A394696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14A6B570-09CE-4AFF-AC8C-51F37FC79811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5670FB-B9EA-4B9C-BB7B-575494F12CA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27650033-1C9F-4175-A26F-D9082A36F079",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F1D35E0-2033-4ADE-9ADA-3B45996B53B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6205775B-4A83-498F-A60E-54473F5D5704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.9.1-5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BCDB83-93ED-43CC-9D12-FAB227BE48CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A6382B-A08C-4D58-B3F9-D74132A74B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7483B9F2-246C-4B78-9EFA-7734B7209054",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83436B8-AFC9-4AA2-8414-1F703812718D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCA47F54-B59B-45EC-B5D4-DF544E4BE1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4786DEA6-6F23-4969-B7E0-C664FCB2284E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3CABBB-9C1F-4ACD-A2AC-8320348DDA99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0ED046D-26E2-4E01-BAB1-F86249A2E827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A2973F-4CDA-4B8D-8331-FD14394AB906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.0:rc0:*:*:*:*:*:*",
              "matchCriteriaId": "A4EF80C9-6950-412E-975F-058F20DF9F04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "921698C0-DCE3-4604-8ED3-B327273D6EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "F75C73E2-9137-4EAB-8D76-B0B22C391A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.0-rc0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE2585F-9F3C-445C-B0A4-CC214B23F2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.0-rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F061815-F34A-431A-9BF3-020348CB5C45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.0-rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE5017A8-9600-422D-A612-CBEF1C3A1E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "340D614F-7B0B-4CB3-AEF3-26360FADF67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71C7DAD-86D5-4E9B-9549-C9FBD48AE22C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "37E501EA-4C70-48F1-9822-5575AFAA8783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "77FCC2AD-2FDA-484B-B4A6-D842404DEE59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48D2B63-5171-45E6-BF19-DFC63FA6683D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7750C948-7169-44F1-A834-AE52BFBDC701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD07B7AA-7237-44A9-B8BB-ACEC48BAFBEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD38AD65-FF40-431B-BA2C-D55A7D0737A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "36233339-A9DF-4ACD-89A6-F79CB07E1568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F385658D-5D5C-49E6-8C67-FE4321CDCE1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.13.0:rc0:*:*:*:*:*:*",
              "matchCriteriaId": "0A74A421-6012-4BEC-802D-7A05D20AF285",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.13.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "EB41C21C-B250-40D1-ADC1-B03866794417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77768E6F-408A-48A7-9F67-B8E1760DBA11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.14.0:rc0:*:*:*:*:*:*",
              "matchCriteriaId": "8162E07B-718E-41B3-B19C-A933CC1E2710",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.14.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "A0229959-6909-482B-9446-68C9B3021510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.14.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "7048A380-A251-42D7-B081-CDB38B6A27F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EA71FFE-E41F-4128-A598-EDF446D9A045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.15.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "EE446FA1-FBB8-4B76-904C-F4664703BFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.15.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "80621FFA-6189-47CD-9A6A-1D5A781862AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E5773C0-7714-496A-B038-9C02B99D8F74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:0.15.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77D3B9C-CE03-4F1C-BA0C-EBC406AF7A62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E66599D-9EC4-409C-BD26-62EC3B001984",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1CF80F8D-5402-4AA6-ABB1-EEBD8EA0BBDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "92FE0592-3611-4F93-A0B2-73ADFBF87FB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "795EDF48-6FE0-4DE7-A57F-632BF0043677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "17B83487-28EC-4EF0-9703-BD86384C1276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "15A780B6-2BF3-480C-A519-16D1BFF2FC5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8771F32-FFD2-43BD-B660-2CA8F6C41C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "01E89E31-F32D-4035-8923-7A5728E75DDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "436BABC6-3D1C-4945-AADF-ED4D7C686E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.1:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "C3307CBF-525D-4F66-A7A6-B0B273C0BD7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.1:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "E0A03725-CE1B-451F-8E14-9168E417692C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59B3B915-1606-48E4-9EFC-BD9D6A6D404A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA86C99D-E544-471F-8F8E-94525E600132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "998961D0-6B1E-4237-AFC3-2E1E4D90BDE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.5.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "35B1E3F1-4647-47FF-9546-0742F10B607B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.5.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0147F4B2-0591-4681-AE24-975AB6A349D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.5.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "97757FF0-D0D6-4BFE-811A-6398D8520D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46F126B1-284B-4B3A-8540-1498628C46F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E8D5F0C-85F5-46D1-B77C-4A7CCE2D69B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "508383F4-B6EE-4C64-AE63-209EA87DF557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB7A7593-FAC0-4336-84AF-EC367059D5C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.6.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1E8BE223-9122-416D-AA1D-694B19C80A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.6.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "331C6EE9-9DA2-4FE1-8446-C9CC21353332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.6.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "383C575E-724D-4F97-9E0C-CDE50499C3D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEC5BC38-FFBD-4484-943D-47A0AADD20B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:qemu:qemu:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "59FC829F-2AC7-4CB5-8F03-967906DE9028",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de buffer en la funci\u00f3n ssd0323_load en hw/display/ssd0323.c en QEMU anterior a 1.7.2 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de valores (1) cmd_len, (2) row, o (3) col manipulados; (4) valores row_start y row_end; o (5) valores col_star y col_end en un imagen savevm."
    }
  ],
  "id": "CVE-2013-4538",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-11-04T21:55:24.813",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ead7a57df37d2187813a121308213f41591bd811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ead7a57df37d2187813a121308213f41591bd811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2013-4538 (GCVE-0-2013-4538)

Vulnerability from cvelistv5 – Published: 2014-11-04 21:00 – Updated: 2024-08-06 16:45

Summary

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2013-4538

CVE-2013-4538 (GCVE-0-2013-4538)

Tags

Sightings

Nomenclature