The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.
Software | From | Fixed in |
---|---|---|
redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
redhat / enterprise_linux_server | 6.0 | 6.0.x |
redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
qemu / qemu | - | 1.7.2 |
redhat / virtualization | 3.0 | 3.0.x |
redhat / enterprise_linux_server_tus | 6.5 | 6.5.x |