CVE-2011-2212
Published: 20 June 2011
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
Notes
Author | Note |
---|---|
jdstrand | be careful, 0.14.1 and Debian do not have the patch |
Priority
Status
Package | Release | Status |
---|---|---|
qemu-kvm Launchpad, Ubuntu, Debian |
upstream |
Needed
|
hardy |
Does not exist
|
|
lucid |
Released
(0.12.3+noroms-0ubuntu9.12)
|
|
maverick |
Released
(0.12.5+noroms-0ubuntu7.8)
|
|
natty |
Released
(0.14.0+noroms-0ubuntu4.3)
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2011-0919.html |
||
This vulnerability is mitigated in part by an AppArmor profile. |