Discovery API Icon
Discovery API
Security Advisory Icon
Security Advisory
Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2011-3346

Published: April 1, 2014Last modified: November 10, 2023

Description

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSqemuNot affected (7.1.0-r4)
StreamqemuNot affected (8.1.2-r0)

References

ON THIS PAGE