CVE-2010-0297

Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.4:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.9.1-5:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.10.0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.10.2:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.10.3:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.10.4:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.10.5:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.10.6:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.11.0-rc0:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.11.0-rc1:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:0.11.0-rc2:*:*:*:*:*:*:*

History

21 Nov 2024, 01:11

Type Values Removed Values Added
References () http://git.savannah.gnu.org/cgit/qemu.git/commit/?id=babd03fde68093482528010a5435c14ce9128e3f - () http://git.savannah.gnu.org/cgit/qemu.git/commit/?id=babd03fde68093482528010a5435c14ce9128e3f -
References () http://marc.info/?l=oss-security&m=126510479211473&w=2 - () http://marc.info/?l=oss-security&m=126510479211473&w=2 -
References () http://marc.info/?l=oss-security&m=126527304127254&w=2 - () http://marc.info/?l=oss-security&m=126527304127254&w=2 -
References () http://wiki.qemu.org/ChangeLog - () http://wiki.qemu.org/ChangeLog -
References () http://www.mail-archive.com/kvm%40vger.kernel.org/msg18447.html - () http://www.mail-archive.com/kvm%40vger.kernel.org/msg18447.html -
References () http://www.mail-archive.com/kvm%40vger.kernel.org/msg19581.html - () http://www.mail-archive.com/kvm%40vger.kernel.org/msg19581.html -
References () http://www.mail-archive.com/kvm%40vger.kernel.org/msg19596.html - () http://www.mail-archive.com/kvm%40vger.kernel.org/msg19596.html -
References () http://www.securityfocus.com/bid/38158 - () http://www.securityfocus.com/bid/38158 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=557025 - () https://bugzilla.redhat.com/show_bug.cgi?id=557025 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/56194 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/56194 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11786 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11786 -
References () https://rhn.redhat.com/errata/RHSA-2010-0088.html - () https://rhn.redhat.com/errata/RHSA-2010-0088.html -

Information

Published : 2010-02-12 19:30

Updated : 2024-11-21 01:11


NVD link : CVE-2010-0297

Mitre link : CVE-2010-0297

CVE.ORG link : CVE-2010-0297


JSON object : View

Products Affected

qemu

  • qemu
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer