NVD Vulnerability Detail

CVE-2011-1750

Summary	Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned.
Publication Date	June 22, 2012, 12:55 a.m.
Registration Date	Jan. 28, 2021, 4:38 p.m.
Last Update	Nov. 21, 2024, 10:26 a.m.

CVSS2.0 : HIGH
Score	7.4
Vector	AV:A/AC:M/Au:S/C:C/I:C/A:C
攻撃元区分(AV)	隣接
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	単一
機密性への影響(C)	高
完全性への影響(I)	高
可用性への影響(A)	高
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:qemu:qemu:0.14.0:::::::*

Related information, measures and tools

No	URL	タグ
1	http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=52c050236eaa4f0b5e1d160cd66dc18106445c4d
2	http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html
3	http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03015.html
4	http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03019.html
5	http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html
6	http://rhn.redhat.com/errata/RHSA-2011-0534.html
7	http://secunia.com/advisories/44132	Vendor Advisory
8	http://secunia.com/advisories/44393	Vendor Advisory
9	http://secunia.com/advisories/44658	Vendor Advisory
10	http://secunia.com/advisories/44660	Vendor Advisory
11	http://secunia.com/advisories/44900	Vendor Advisory
12	http://www.osvdb.org/73756
13	https://exchange.xforce.ibmcloud.com/vulnerabilities/67062
14	https://hermes.opensuse.org/messages/8572547
15	https://www.debian.org/security/2011/dsa-2230
16	https://www.ubuntu.com/usn/USN-1145-1/
17	http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=52c050236eaa4f0b5e1d160cd66dc18106445c4d
18	https://www.ubuntu.com/usn/USN-1145-1/
19	https://www.debian.org/security/2011/dsa-2230
20	https://hermes.opensuse.org/messages/8572547
21	https://exchange.xforce.ibmcloud.com/vulnerabilities/67062
22	http://www.osvdb.org/73756
23	http://secunia.com/advisories/44900	Vendor Advisory
24	http://secunia.com/advisories/44660	Vendor Advisory
25	http://secunia.com/advisories/44658	Vendor Advisory
26	http://secunia.com/advisories/44393	Vendor Advisory
27	http://secunia.com/advisories/44132	Vendor Advisory
28	http://rhn.redhat.com/errata/RHSA-2011-0534.html
29	http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html
30	http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03019.html
31	http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03015.html
32	http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

JVN Vulnerability Information

qemu-kvm の virtio-blk ドライバにおけるヒープベースのバッファオーバーフローの脆弱性

Title	qemu-kvm の virtio-blk ドライバにおけるヒープベースのバッファオーバーフローの脆弱性
Summary	qemu-kvm の virtio-blk ドライバ (hw/virtio-blk.c) には、ヒープベースのバッファオーバーフローの脆弱性が存在します。
Possible impacts	ローカルゲストユーザにより、適切に配置されていない (1) virtio_blk_handle_write 関数に対する書き込み要求、または (2) virtio_blk_handle_read 関数に対する読み取り要求を介して、サービス運用妨害 (ゲストクラッシュ) 状態にされる、および権限を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 21, 2012, midnight
Registration Date	June 22, 2012, 4:29 p.m.
Last Update	June 22, 2012, 4:29 p.m.

Affected System

Fabrice Bellard

QEMU

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-1750	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1750
National Vulnerability Database (NVD)
2	CVE-2011-1750	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1750

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Debian Security Advisory
1	DSA-2230	http://www.debian.org/security/2011/dsa-2230
Fedora Update Notification
2	FEDORA-2012-8604	http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html
kernel.org
3	virt/kvm/qemu-kvm.git / commitdiff	http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commitdiff;h=52c050236eaa4f0b5e1d160cd66dc18106445c4d
opensuse-security-announce
4	openSUSE-SU-2011:0510	http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html
QEMU
5	Top Page	http://wiki.qemu.org/Main_Page
Red Hat Security Advisory
6	RHSA-2011:0534	http://rhn.redhat.com/errata/RHSA-2011-0534.html
Ubuntu Security Notice
7	USN-1145-1	http://www.ubuntu.com/usn/usn-1145-1/

Change Log

No	Changed Details	Date of change
0	[2012年06月22日] 掲載	Feb. 17, 2018, 10:37 a.m.