CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:H/Au:N/C:C/I:C/A:C
EPSS
Percentile
93.0%
Buffer overflow in the ccid_card_vscard_handle_message function in
hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows
remote attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a crafted VSC_ATR message.
Author | Note |
---|---|
jdstrand | introduced in commit edbb2136 and released in 0.15 verified code not present in 11.10 and lower |