Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2014-3461

Published: 15 May 2014

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."

Priority

Low

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Ignored
(end of life)
trusty
Released (2.0.0+dfsg-2ubuntu1.3)
upstream Needed

Patches:
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=719ffe1f5f72b1c7ace4afe9ba2815bcb53a829e
qemu-kvm
Launchpad, Ubuntu, Debian
lucid Not vulnerable
(code not present)
precise
Released (1.0+noroms-0ubuntu14.17)
quantal Ignored
(end of life)
saucy Does not exist

trusty Does not exist

upstream Needed