CVE-2013-4541

Publication date

2014-11-04 21:00:00

Family

redhat

State

PUBLISHED

Description

The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setup_len or setup_index value.