Wind River Support Network

HomeDefectsLIN6-4940

Fixed

LIN6-4940 : Security Advisory - qemu - CVE-2013-4344

Created: Oct 16, 2013 Updated: Dec 3, 2018

Resolved Date: May 8, 2014

Previous ID: LIN3-20458

Found In Version: 6.0

Fix Version: 6.0.0.7

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4344

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38