Buffer Overflow Vulnerability in QEMU Affecting Xen Users
CVE-2011-3346

Currently unrated

Key Information:

Vendor: Xen Project
Status: Xen; Qemu; Enterprise Linux
Vendor: CVE Published:; 1 April 2014

What is CVE-2011-3346?

A buffer overflow vulnerability exists within the SCSI subsystem of QEMU prior to version 0.15.2. This issue allows local guest users with access rights to the CD-ROM to trigger a denial of service condition by sending a specially crafted SAI READ CAPACITY SCSI command. The vulnerability is particularly concerning if the root user has manually adjusted certain permissions or access control lists (ACLs), potentially escalating the risk of system instability or crash.

References

http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log

x_refsource_CONFIRM

http://www.redhat.com/support/errata/RHSA-2011-1401.html

vendor-advisoryx_refsource_REDHAT

https://github.com/bonzini/qemu/commit/103b40f51e4012b3b0...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 1, 2014
Vulnerability Reserved
Aug 30, 2011

Xen Project

What is CVE-2011-3346?

References

Timeline