Description
hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."
References (4)
Core 4
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0743.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0744.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html
Various Sources mailing-list
x_refsource_mlist
http://article.gmane.org/gmane.comp.emulators.qemu/272092
Scores
EPSS
0.0333
EPSS Percentile
87.5%
Details
CWE
CWE-119
Status
published
Products (1)
qemu/qemu
1.6.2
Published
Nov 04, 2014
Tracked Since
Feb 18, 2026