Oval Definition:oval:org.opensuse.security:def:20111751
Revision Date:2022-05-20Version:1
Title:CVE-2011-1751
Description:

The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to "active qemu timers."
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-1751
Mitre CVE-2011-1751
SUSE CVE-2011-1751
openSUSE-SU-2011:0510-1
openSUSE-SU-2011:0510-1
SUSE-SR:2011:010
SUSE-SR:2011:010
Platform(s):openSUSE 11.3
openSUSE 11.4
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
Product(s):
Definition Synopsis
  • Release Information
  • sled11-sp1 is installed
  • AND kvm less than 0.12.5-1.8.1
  • OR Package Information
  • suse113 is installed
  • AND kvm less than 0.12.5-1.4.1
  • OR
  • suse114 is installed
  • AND kvm less than 0.14.0.0-1.6.1
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND kvm-0.12.5-1.8 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND kvm-0.12.5-1.8 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND kvm-0.12.5-1.8.1 is installed
    • BACK