Vulnerability Details : CVE-2011-2512
Potential exploit
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.
Vulnerability category: Execute codeDenial of service
Products affected by CVE-2011-2512
- cpe:2.3:a:kvm_group:qemu-kvm:*:*:*:*:*:*:*:*
- cpe:2.3:a:kvm_group:qemu-kvm:0.12:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-2512
0.60%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 68 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-2512
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:A/AC:L/Au:N/C:P/I:P/A:P |
6.5
|
6.4
|
NIST |
CWE ids for CVE-2011-2512
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2512
-
https://www.debian.org/security/2011/dsa-2270
Debian -- Security Information -- DSA-2270-1 qemu-kvm
-
https://hermes.opensuse.org/messages/9605323
openSUSE.org - 503
-
http://secunia.com/advisories/44458
Sign inVendor Advisory
-
http://www.openwall.com/lists/oss-security/2011/06/29/15
oss-security - Re: CVE request: qemu-kvm: OOB memory access caused by negative vq notifiesPatch
-
http://secunia.com/advisories/45158
Sign inVendor Advisory
-
http://secunia.com/advisories/45301
Sign inVendor Advisory
-
http://secunia.com/advisories/45170
Sign inVendor Advisory
-
http://ubuntu.com/usn/usn-1165-1
USN-1165-1: QEMU vulnerabilities | Ubuntu security notices
-
http://rhn.redhat.com/errata/RHSA-2011-0919.html
RHSA-2011:0919 - Security Advisory - Red Hat Customer Portal
-
http://www.osvdb.org/74751
404 Not Found
-
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00007.html
[security-announce] openSUSE-SU-2011:0803-1: important: kvm
-
http://www.openwall.com/lists/oss-security/2011/06/28/13
oss-security - CVE request: qemu-kvm: OOB memory access caused by negative vq notifiesPatch
-
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=7157e2e23e89adcd436caeab31fdd6b47eded377
-
http://secunia.com/advisories/44648
Sign inVendor Advisory
Jump to