Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-02-26T15:00:00

Updated: 2024-08-07T00:01:49.942Z

Reserved: 2011-10-18T00:00:00

Link: CVE-2011-4111

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-02-26T15:55:08.297

Modified: 2023-02-13T04:32:44.790

Link: CVE-2011-4111

cve-icon Redhat

Severity : Important

Publid Date: 2011-11-28T00:00:00Z

Links: CVE-2011-4111 - Bugzilla