SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2010-0297

Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

BID-38158

RHSA-2010:0088

http://marc.info/?l=oss-security&m=126510479211473&w=2

http://marc.info/?l=oss-security&m=126527304127254&w=2

http://git.savannah.gnu.org/cgit/qemu.git/commit/?id=babd03fde68093482528010a5435c14ce9128e3f

http://wiki.qemu.org/ChangeLog

http://www.mail-archive.com/kvm%40vger.kernel.org/msg18447.html

http://www.mail-archive.com/kvm%40vger.kernel.org/msg19581.html

http://www.mail-archive.com/kvm%40vger.kernel.org/msg19596.html

https://bugzilla.redhat.com/show_bug.cgi?id=557025

kernel-usb-bo(56194)

oval:org.mitre.oval:def:11786


30479



423868



248149



909



194803



282