Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QEMU 缓冲区错误漏洞
Vulnerability Description
QEMU(Quick Emulator)是法国法布里斯-贝拉(Fabrice Bellard)个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 0.15.1及之前的版本存在缓冲区错误漏洞。本地攻击者可通过特制的SAI READ CAPACITY SCSI命令利用该漏洞以CD-ROM访问权限造成拒绝服务(虚拟机崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A