CVE-2010-0297

Name of the Vulnerable Software and Affected Versions QEMU versions prior to 0.11.1

Description A buffer overflow issue exists in the usb host handle control function within the USB passthrough handling implementation. This allows guest OS users to potentially cause a denial of service, such as crashing or hanging the guest OS, or possibly execute arbitrary code on the host OS by sending a crafted USB packet.

Recommendations For versions prior to 0.11.1, update to version 0.11.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of USB passthrough functionality until a patch is applied.