Описание
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.14.0+noroms-0ubuntu8 |
| hardy | DNE | |
| lucid | released | 0.12.3+noroms-0ubuntu9.12 |
| maverick | released | 0.12.5+noroms-0ubuntu7.8 |
| natty | released | 0.14.0+noroms-0ubuntu4.3 |
| upstream | released | 0.14.1+dfsg-2 |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not proper ...
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.
ELSA-2011-0919: qemu-kvm security and bug fix update (IMPORTANT)
EPSS
5.8 Medium
CVSS2