CVE-2011-1751 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-1751 Interim 1 17 2024-04-03T00:56:08Z current 2021-05-30T12:57:22Z 2024-04-03T00:56:08Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-1751 The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to "active qemu timers." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J3SFKURISLALS2JGJL22FCLRZSUGU7TT/#J3SFKURISLALS2JGJL22FCLRZSUGU7TT E-Mail link for SUSE-SR:2011:010 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2GYOIMCZROPCPAJ2KKWIHJNXYM6WHVDA/#2GYOIMCZROPCPAJ2KKWIHJNXYM6WHVDA E-Mail link for SUSE-SU-2011:0608-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1-TERADATA kvm-0.12.5-1.8.1 kvm-0.12.5-1.8.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to "active qemu timers." CVE-2011-1751 SUSE Linux Enterprise Server 11 SP1-TERADATA:kvm-0.12.5-1.8.1 important 7.4 AV:A/AC:M/Au:S/C:C/I:C/A:C