2
Candidate: CVE-2011-4111
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4111
7
Buffer overflow in the ccid_card_vscard_handle_message function in
8
hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows
9
remote attackers to cause a denial of service (crash) and possibly execute
10
arbitrary code via a crafted VSC_ATR message.
13
jdstrand> introduced in commit edbb2136 and released in 0.15
14
jdstrand> verified code not present in 11.10 and lower
21
upstream_qemu-kvm: pending (1.0-rc4)
23
lucid_qemu-kvm: not-affected (code-not-present)
24
maverick_qemu-kvm: not-affected (code-not-present)
25
natty_qemu-kvm: not-affected (code-not-present)
26
oneiric_qemu-kvm: not-affected (code-not-present)
27
devel_qemu-kvm: released (0.15.0+noroms-0ubuntu5)