CVE-2011-4111 (retired)

Priority
Description
Buffer overflow in the ccid_card_vscard_handle_message function in
hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows
remote attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a crafted VSC_ATR message.
Notes
 jdstrand> introduced in commit edbb2136 and released in 0.15
 jdstrand> verified code not present in 11.10 and lower
Assigned-to
jdstrand
Package
Upstream:pending (1.0-rc4)
More Information

Updated: 2019-09-19 15:38:40 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)