Описание
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
Отчет
This issue does not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5. This issue does not affect the versions of qemu-kvm package as shipped with Red Hat Enterprise Linux 6.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Fixed | RHSA-2014:0927 | 23.07.2014 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | qemu-kvm-rhev | Fixed | RHSA-2014:1268 | 22.09.2014 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS2
Связанные уязвимости
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEM ...
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
ELSA-2014-0927: qemu-kvm security and bug fix update (MODERATE)
EPSS
3.7 Low
CVSS2