CVE-2011-1750 (retired)

Priority
Description
Multiple heap-based buffer overflows in the virtio-blk driver
(hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a
denial of service (guest crash) and possibly gain privileges via a (1)
write request to the virtio_blk_handle_write function or (2) read request
to the virtio_blk_handle_read function that is not properly aligned.
Notes
 jdstrand> adding apparmor tag since qemu-kvm is typically used with libvirt
  on Ubuntu, and is therefore confined by AppArmor
Assigned-to
jdstrand
More Information

Updated: 2019-03-26 11:56:24 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)