CVE-2011-1750
Published: 29 May 2011
Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned.
Notes
| Author | Note |
|---|---|
| jdstrand | adding apparmor tag since qemu-kvm is typically used with libvirt on Ubuntu, and is therefore confined by AppArmor |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
qemu-kvm Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| lucid |
Released
(0.12.3+noroms-0ubuntu9.9)
|
|
| maverick |
Released
(0.12.5+noroms-0ubuntu7.5)
|
|
| natty |
Released
(0.14.0+noroms-0ubuntu4.1)
|
|
| upstream |
Needs triage
|
|
|
Patches: other: http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=52c050236eaa4f0b5e1d160cd66dc18106445c4d vendor: http://www.debian.org/security/2011/dsa-2230 vendor: https://rhn.redhat.com/errata/RHSA-2011-0534.html |
||
| This vulnerability is mitigated in part by the use of GNU C Library heap protector in Ubuntu. This vulnerability is mitigated in part by an AppArmor profile. | ||