{"id":"MGASA-2013-0341","summary":"Updated qemu package fixes security vulnerability","details":"A buffer overflow flaw was found in the way QEMU processed the SCSI\n\"REPORT LUNS\" command when more than 256 LUNs were specified for a single\nSCSI target. A privileged guest user could use this flaw to corrupt QEMU\nprocess memory on the host, which could potentially result in arbitrary\ncode execution on the host with the privileges of the QEMU process\n(CVE-2013-4344).\n","modified":"2026-02-04T03:01:24.952447Z","published":"2013-11-22T18:49:20Z","related":["CVE-2013-4344"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0341.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=11422"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2013-1553.html"}],"affected":[{"package":{"name":"qemu","ecosystem":"Mageia:2","purl":"pkg:rpm/mageia/qemu?arch=source&distro=mageia-2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0-6.6.mga2"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0341.json"}},{"package":{"name":"qemu","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/qemu?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-8.3.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0341.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}