CVE-2013-4344
Publication date 4 October 2013
Last updated 24 July 2024
Ubuntu priority
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.
Status
Package | Ubuntu Release | Status |
---|---|---|
qemu | 13.10 saucy |
Fixed 1.5.0+dfsg-3ubuntu5.3
|
13.04 raring | Ignored end of life | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release | |
qemu-kvm | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal |
Fixed 1.2.0+noroms-0ubuntu2.12.10.6
|
|
12.04 LTS precise |
Fixed 1.0+noroms-0ubuntu14.13
|
|
10.04 LTS lucid |
Not affected
|
|
xen | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
10.04 LTS lucid | Not in release | |
xen-3.3 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
10.04 LTS lucid |
Not affected
|
Notes
Patch details
Package | Patch details |
---|---|
qemu | |
qemu-kvm |
References
Related Ubuntu Security Notices (USN)
- USN-2092-1
- QEMU vulnerabilities
- 30 January 2014