CVE-2013-4541 (retired)

Priority
Description
The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2
might allow remote attackers to execute arbitrary code via a crafted savevm
image, related to a negative setup_len or setup_index value.
Assigned-to
mdeslaur
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needed
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (2.1+dfsg-2ubuntu1)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=9f8e9895c504149d7048e9fc5eb5cbb34b16e49a
Package
Upstream:needed
Ubuntu 14.04 ESM (Trusty Tahr):DNE
More Information

Updated: 2019-09-19 15:45:48 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)