Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU prior to 0.15.2 and 1.x prior to 1.0-rc4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat enterprise linux server supplementary 6.1.z |
||
redhat enterprise linux 6.0 |
||
qemu qemu 1.0 |
||
qemu qemu 0.15.0 |
||
qemu qemu |