Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-3346

Опубликовано: 07 сент. 2011
Источник: redhat
CVSS2: 4
EPSS Низкий

Описание

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

Отчет

This issue only affects qemu as shipped with Red Hat Enterprise Linux 5 xen packages. The versions of the qemu/kvm as shipped with Red Hat Enterprise Linux 5 are not affected.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux Extended Update Support 5.7xenAffected
Red Hat Enterprise Linux 5xenFixedRHSA-2011:140124.10.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=736038qemu: local DoS with SCSI CD-ROM

EPSS

Процентиль: 32%
0.00119
Низкий

4 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-3346

ubuntu
больше 11 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

nvd логотип

CVE-2011-3346

nvd
больше 11 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

debian логотип

CVE-2011-3346

debian
больше 11 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before ...

github логотип

GHSA-q6jm-gv84-4cp6

github
около 3 лет назад

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

oracle-oval логотип

ELSA-2011-1401

oracle-oval
почти 14 лет назад

ELSA-2011-1401: xen security and bug fix update (MODERATE)

EPSS

Процентиль: 32%
0.00119
Низкий

4 Medium

CVSS2