{"id":"CVE-2014-3461","details":"hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to \"USB post load checks.\"","modified":"2026-02-04T02:47:22.477154Z","published":"2014-11-04T21:55:25Z","related":["MGASA-2014-0426","SUSE-SU-2015:0870-1","SUSE-SU-2015:0889-1","SUSE-SU-2015:1152-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-0743.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-0744.html"},{"type":"WEB","url":"http://article.gmane.org/gmane.comp.emulators.qemu/272092"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html"}],"schema_version":"1.7.3"}