Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24611
HistoryApr 10, 2020 - 12:59 a.m.

Arbitrary Code Execution

2020-04-1000:59:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12

EPSS

0.001

Percentile

26.0%

qemu-kvm is vulnerable to arbitrary code execution. The vulnerability exists as it was found that the virtio-blk driver in qemu-kvm did not properly validate read and write requests from guests. A privileged guest user could use this flaw to crash the guest or, possibly, execute arbitrary code on the host.

References