Computer Security


KVM security vulnerabilities
updated since 02.05.2011
Published: 26.05.2011
Source:
SecurityVulns ID: 11641
Type: local
Threat Level: 5/10
Description: DoS on guest system I/O processing.
Affected: QEMU : kvm 0.12
CVE: CVE-2011-1751 (The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to "active qemu timers.")
 CVE-2011-1750 (Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned.)
 CVE-2011-0011 (qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.)
Original document: DEBIAN, [SECURITY] [DSA 2241-1] qemu-kvm security update (26.05.2011)
 DEBIAN, [SECURITY] [DSA 2230-1] qemu-kvm security update (02.05.2011)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod