Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QEMU USB OHCI模拟支持整数溢出漏洞
Vulnerability Description
QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 2.5.1之前版本的USB OHCI模拟支持(hw/usb/dev-network.c)中存在整数溢出漏洞。本地攻击者可借助rndis_query_response、rndis_set_response或usb_net_handle_dataout函数中未正确处理的远程NDIS控制消息数据包,利用该漏洞拒绝服务(QEMU进程崩溃),
CVSS Information
N/A
Vulnerability Type
N/A