7.4 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
25.2%
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier
allows privileged guest users to cause a denial of service (guest crash) or
gain privileges via a crafted indirect descriptor related to “virtqueue in
and out requests.”
Author | Note |
---|---|
jdstrand | be careful, 0.14.1 and Debian do not have the patch |