CVE-2011-2512

Priority
Medium
Description
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly
validate the virtqueue number, which allows guest users to cause a denial
of service (guest crash) and possibly execute arbitrary code via a negative
number in the Queue Notify field of the Virtio Header, which bypasses a
signed comparison.
References
Bugs
Assigned-to
jdstrand
Package
Upstream:released (0.14.1+dfsg-2)
Patches:
Patch:http://patchwork.ozlabs.org/patch/94604/
Vendor:https://rhn.redhat.com/errata/RHSA-2011-0919.html
Vendor:http://www.debian.org/security/2011/dsa-2270
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:39:47 UTC (commit 9756)