DEBIAN-CVE-2013-4536

DEBIAN-CVE-2013-4536 PUBLISHED CVSS 7.800000190734863 HIGH

An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

Risk Scores

CVSS v3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:12	qemu	0, 0, 0
Debian:13	qemu	0, 0, 0
Debian:14	qemu	0, 0, 0
Debian:11	qemu	0, 0, 0

Timeline

May 28, 2021 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2013-4536 advisory

Open in Interactive Console →