The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 up to and including 1.7.x prior to 1.7.2 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is greater than max_queues, which triggers an out-of-bounds write.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qemu qemu 1.6.0 |
||
qemu qemu 1.5.0 |
||
qemu qemu 1.5.3 |
||
qemu qemu 1.5.1 |
||
qemu qemu 1.5.2 |
||
qemu qemu 1.7.1 |
||
qemu qemu 1.6.2 |
||
qemu qemu 1.6.1 |