CVE-2011-1750 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-1750 Interim 1 20 2024-04-03T00:56:09Z current 2021-05-30T12:57:22Z 2024-04-03T00:56:09Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-1750 Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J3SFKURISLALS2JGJL22FCLRZSUGU7TT/#J3SFKURISLALS2JGJL22FCLRZSUGU7TT E-Mail link for SUSE-SR:2011:010 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2GYOIMCZROPCPAJ2KKWIHJNXYM6WHVDA/#2GYOIMCZROPCPAJ2KKWIHJNXYM6WHVDA E-Mail link for SUSE-SU-2011:0608-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Enterprise Server 11 SP1 for SAP Enterprise Search SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Business All-in-One 11 SP1 SUSE Studio Extension for System z 1.2 kvm kvm-0.12.5-1.8.1 kvm-0.12.5-1.8.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA kvm as a component of SUSE Linux Enterprise Desktop 11 SP1 kvm as a component of SUSE Linux Enterprise Enterprise Server 11 SP1 for SAP Enterprise Search kvm as a component of SUSE Linux Enterprise Server 11 SP1 kvm as a component of SUSE Linux Enterprise Server 11 SP1 LTSS kvm as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata kvm as a component of SUSE Linux Enterprise Server for SAP Business All-in-One 11 SP1 kvm as a component of SUSE Studio Extension for System z 1.2 Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned. CVE-2011-1750 SUSE Linux Enterprise Server 11 SP1-TERADATA:kvm-0.12.5-1.8.1 SUSE Linux Enterprise Desktop 11 SP1:kvm SUSE Linux Enterprise Enterprise Server 11 SP1 for SAP Enterprise Search:kvm SUSE Linux Enterprise Server 11 SP1 LTSS:kvm SUSE Linux Enterprise Server 11 SP1 for Teradata:kvm SUSE Linux Enterprise Server 11 SP1:kvm SUSE Linux Enterprise Server for SAP Business All-in-One 11 SP1:kvm SUSE Studio Extension for System z 1.2:kvm important 7.4 AV:A/AC:M/Au:S/C:C/I:C/A:C