7.4

CVE-2011-1751

The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to "active qemu timers."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QemuQemu Version0.1.0
QemuQemu Version0.1.1
QemuQemu Version0.1.2
QemuQemu Version0.1.3
QemuQemu Version0.1.4
QemuQemu Version0.1.5
QemuQemu Version0.1.6
QemuQemu Version0.2.0
QemuQemu Version0.3.0
QemuQemu Version0.4.0
QemuQemu Version0.4.1
QemuQemu Version0.4.2
QemuQemu Version0.4.3
QemuQemu Version0.5.0
QemuQemu Version0.5.1
QemuQemu Version0.5.2
QemuQemu Version0.5.3
QemuQemu Version0.5.4
QemuQemu Version0.5.5
QemuQemu Version0.6.0
QemuQemu Version0.6.1
QemuQemu Version0.7.0
QemuQemu Version0.7.1
QemuQemu Version0.7.2
QemuQemu Version0.8.0
QemuQemu Version0.8.1
QemuQemu Version0.8.2
QemuQemu Version0.9.0
QemuQemu Version0.9.1
QemuQemu Version0.9.1-5
QemuQemu Version0.10.0
QemuQemu Version0.10.1
QemuQemu Version0.10.2
QemuQemu Version0.10.3
QemuQemu Version0.10.4
QemuQemu Version0.10.5
QemuQemu Version0.10.6
QemuQemu Version0.11.0
QemuQemu Version0.11.0 Updaterc0
QemuQemu Version0.11.0 Updaterc1
QemuQemu Version0.11.0 Updaterc2
QemuQemu Version0.11.0-rc0
QemuQemu Version0.11.0-rc1
QemuQemu Version0.11.0-rc2
QemuQemu Version0.11.1
QemuQemu Version0.12.0
QemuQemu Version0.12.0 Updaterc1
QemuQemu Version0.12.0 Updaterc2
QemuQemu Version0.12.1
QemuQemu Version0.12.2
QemuQemu Version0.12.3
QemuQemu Version0.12.4
QemuQemu Version0.12.5
QemuQemu Version0.13.0
QemuQemu Version0.13.0 Updaterc0
QemuQemu Version0.13.0 Updaterc1
QemuQemu Version0.14.0
QemuQemu Version0.14.0 Updaterc0
QemuQemu Version0.14.0 Updaterc1
QemuQemu Version0.14.0 Updaterc2
QemuQemu Version0.14.1
QemuQemu Version0.15.0 Updaterc1
QemuQemu Version0.15.0 Updaterc2
QemuQemu Version1.0
QemuQemu Version1.0 Updaterc1
QemuQemu Version1.0 Updaterc2
QemuQemu Version1.0 Updaterc3
QemuQemu Version1.0 Updaterc4
QemuQemu Version1.0.1
QemuQemu Version1.1
QemuQemu Version1.1 Updaterc1
QemuQemu Version1.1 Updaterc2
QemuQemu Version1.1 Updaterc3
QemuQemu Version1.1 Updaterc4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.75% 0.501
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.4 4.4 10
AV:A/AC:M/Au:S/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/44393
Vendor Advisory
http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html
http://rhn.redhat.com/errata/RHSA-2011-0534.html
http://secunia.com/advisories/44658
Vendor Advisory
http://secunia.com/advisories/44660
Vendor Advisory
http://secunia.com/advisories/44900
Vendor Advisory
https://hermes.opensuse.org/messages/8572547
https://www.ubuntu.com/usn/USN-1145-1/
http://blog.nelhage.com/2011/08/breaking-out-of-kvm/
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=505597e4476a6bc219d0ec1362b760d71cb4fdca
http://lists.nongnu.org/archive/html/qemu-devel/2011-05/msg01810.html
http://secunia.com/advisories/44458
Vendor Advisory
http://secunia.com/advisories/44648
Vendor Advisory
http://www.openwall.com/lists/oss-security/2011/05/19/2
http://www.osvdb.org/73395
http://www.securityfocus.com/bid/47927
https://bugzilla.redhat.com/show_bug.cgi?id=699773
https://github.com/nelhage/virtunoid