Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2013-4536

Back to Search

SUSE Linux Security Vulnerability: CVE-2013-4536

Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
06/26/2014
Created
07/25/2018
Added
06/26/2014
Modified
06/10/2021

Description

An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

Solution(s)

  • suse-upgrade-kvm

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;