hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qemu qemu |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
fedoraproject fedora 21 |
||
fedoraproject fedora 22 |
||
fedoraproject fedora 23 |
||
suse linux enterprise desktop 12 |
||
suse linux enterprise server 12 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 15.04 |
||
arista eos - |