CVE-2011-4111 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Qemu

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

0.8%

top 25.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu XEN Redhat Enterprise Linux +1 more

Timeline

PublishedFeb 26

Latest updateMay 14

Description

Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.

CVSS vector

AV:A/AC:H/C:C/I:C/A:CExploitability: 3.2 | Impact: 10.0

Affected Packages3 packages

▶Debianqemu/qemu< 0.15.1+dfsg-2+3

▶NVDqemu/qemu0.15.1+2

▶Debianxen/xen< 4.4.0-1+3

Also affects: Enterprise Linux 6.0, 6.1.z

🔴Vulnerability Details

GHSA

GHSA-4c3m-mrr2-fw4x: Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru↗2022-05-14

▶

OSV

CVE-2011-4111: Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru↗2014-02-26

▶

CVEList

CVE-2011-4111: Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru↗2014-02-26

▶

📋Vendor Advisories

Red Hat

qemu: ccid: buffer overflow in handling of VSC_ATR message↗2011-11-28

▶

Debian

CVE-2011-4111: qemu - Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-...↗2011

▶

💬Community

Bugzilla

CVE-2011-4111 qemu: ccid: buffer overflow in handling of VSC_ATR message↗2011-11-04

▶