Описание
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
Отчет
This issue only affects Red Hat Enterprise Linux 6. The version of the qemu/kvm as shipped with Red Hat Enterprise Linux 5 is not affected because it does not provide support for indirect descriptors.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Virtualization 2 | ovirt-node | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Fixed | RHSA-2011:0919 | 05.07.2011 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.4 High
CVSS2
Связанные уязвимости
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier ...
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
ELSA-2011-0919: qemu-kvm security and bug fix update (IMPORTANT)
EPSS
7.4 High
CVSS2