NVD

Id
8638  
Name
CVE-2011-1750  
Description
Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned.  
Reject
 
CVSS Version
2  
CVSS Score
7.4  
Severity
High  
CVSS Base Score
7.4  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
4.4  
CVSS Vector
(AV:A/AC:M/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2012-06-21  
Modified Date
2016-12-07  
Seq
2011-1750  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
49822 8638 CVE-2011-1750 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commitdiff;h=52c050236eaa4f0b5e1d160cd66dc18106445c4d  View
49823 8638 CVE-2011-1750 FEDORA-2012-8604  View
49824 8638 CVE-2011-1750 [Qemu-devel] 20110330 virtio-blk.c handling of i/o which is not a 512 multiple  View
49825 8638 CVE-2011-1750 [Qemu-devel] 20110330 Re: virtio-blk.c handling of i/o which is not a 512 multiple  View
49826 8638 CVE-2011-1750 openSUSE-SU-2011:0510  View
49827 8638 CVE-2011-1750 RHSA-2011:0534  View
49828 8638 CVE-2011-1750 kvm-virtioblk-priv-escalation(67062)  View
49829 8638 CVE-2011-1750 SUSE-SU-2011:0533  View
49830 8638 CVE-2011-1750 DSA-2230  View
49831 8638 CVE-2011-1750 USN-1145-1  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27110 JVNDB-2012-002817 qemu-kvm の virtio-blk ドライバにおけるヒープベースのバッファオーバーフローの脆弱性 qemu-kvm の virtio-blk ドライバ (hw/virtio-blk.c) には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2011-1750 49657 CVE-2011-1750 8638 7.4 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002817.html 2012-06-21 2012-06-22 View