PT-2014-2164 · Qemu+2 · Qemu+2

Petr Matousek · Published 2011-12-06 · Updated 2023-02-13 · CVE-2011-4111

CVSS v2.0: 6.8 (Medium)
Vector: AV:A/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

QEMU versions prior to 0.15.2
QEMU versions 1.x prior to 1.0-rc4

Description

The issue is a buffer overflow in the ccid_card_vscard_handle_message function, which can be triggered by a crafted VSC_ATR message. This could lead to a denial of service (crash) and potentially allow the execution of arbitrary code.

Recommendations

For QEMU versions prior to 0.15.2, update to version 0.15.2 or later.
For QEMU versions 1.x prior to 1.0-rc4, update to version 1.0-rc4 or later.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CESA-2011_1777
CESA-2011_1801
CVE-2011-4111
RHSA-2011:1777
RHSA-2011:1801
RHSA-2011_1777
RHSA-2011_1801

Affected Products

CentOS
Qemu
Red Hat