You are here

CVE-2008-0928

Vincent (CVE) Danen's picture
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.

Details Source

Mitre

Public Date

2008-02-19 00:00:00

Impact

Moderate

Bugzilla

CVE-2008-0928 Qemu insufficient block device address range checking

Bugzilla ID

433 560

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (xen) RHSA-2008:0194 2008-05-13
Red Hat Enterprise Linux Virtualization 5 (xen) RHSA-2008:0194 2008-05-13