Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2212

Overview

Vulnerability Score 7.4 7.4
CVE Id CVE-2011-2212
Last Modified 26 Jun 2012 12:00:00
Published 21 Jun 2012 11:55:09
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2011-2212

Summary

Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."

Vulnerable Systems

Application

  • Qemu 0.1

  • Qemu 0.1.1

  • Qemu 0.1.2

  • Qemu 0.1.3

  • Qemu 0.1.4

  • Qemu 0.1.5

  • Qemu 0.1.6

  • Qemu 0.10.0

  • Qemu 0.10.1

  • Qemu 0.10.2

  • Qemu 0.10.3

  • Qemu 0.10.4

  • Qemu 0.10.5

  • Qemu 0.10.6

  • Qemu 0.11.0

  • Qemu 0.11.0-rc0

  • Qemu 0.11.0-rc1

  • Qemu 0.11.0-rc2

  • Qemu 0.11.1

  • Qemu 0.12.0

  • Qemu 0.12.1

  • Qemu 0.12.2

  • Qemu 0.12.3

  • Qemu 0.12.4

  • Qemu 0.12.5

  • Qemu 0.13.0

  • Qemu 0.14.0

  • Qemu 0.2

  • Qemu 0.3

  • Qemu 0.4

  • Qemu 0.4.1

  • Qemu 0.4.2

  • Qemu 0.4.3

  • Qemu 0.5.0

  • Qemu 0.5.1

  • Qemu 0.5.2

  • Qemu 0.5.3

  • Qemu 0.5.4

  • Qemu 0.5.5

  • Qemu 0.6.0

  • Qemu 0.6.1

  • Qemu 0.7.0

  • Qemu 0.7.1

  • Qemu 0.7.2

  • Qemu 0.8.0

  • Qemu 0.8.1

  • Qemu 0.8.2

  • Qemu 0.9.0

  • Qemu 0.9.1

  • Qemu 0.9.1-5


References

SUSE - SUSE-SU-2011:0806

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=713589

OSVDB - 74751

UBUNTU - USN-1165-1

SECUNIA - 45354

SECUNIA - 45301

SECUNIA - 45188

SECUNIA - 45187

SECUNIA - 45170

SECUNIA - 45158

REDHAT - RHSA-2011:0919

SUSE - openSUSE-SU-2011:0803

DEBIAN - DSA-2282


Last Updated: 27 May 2016 10:56:33