CVE-2011-4111

Priority
Description
Buffer overflow in the ccid_card_vscard_handle_message function in
hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows
remote attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a crafted VSC_ATR message.
Assigned-to
jdstrand
Notes
jdstrandintroduced in commit edbb2136 and released in 0.15
verified code not present in 11.10 and lower
Package
Upstream:pending (1.0-rc4)
More Information

Updated: 2020-01-29 19:42:42 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)