Oval Definition:oval:org.opensuse.security:def:20112512
Revision Date:2022-05-20Version:1
Title:CVE-2011-2512
Description:

The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-2512
Mitre CVE-2011-2512
SUSE CVE-2011-2512
openSUSE-SU-2011:0803-1
openSUSE-SU-2011:0803-1
SUSE-SU-2011:0806-1
SUSE-SU-2011:0806-1
Platform(s):openSUSE 11.3
openSUSE 11.4
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
Product(s):
Definition Synopsis
  • Release Information
  • suse113 is installed
  • AND kvm less than 0.12.5-1.8.1
  • OR
  • suse114 is installed
  • AND kvm less than 0.14.0.0-1.10.1
  • OR Package Information
  • sled11-sp1 is installed
  • AND kvm less than 0.12.5-1.16.1
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND kvm-0.12.5-1.16 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND kvm-0.12.5-1.16 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND kvm-0.12.5-1.16.1 is installed
    • BACK