Описание
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
Отчет
This issue does not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5. This issue does not affect the versions of qemu-kvm package as shipped with Red Hat Enterprise Linux 6.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Fixed | RHSA-2014:0927 | 23.07.2014 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | qemu-kvm-rhev | Fixed | RHSA-2014:1268 | 22.09.2014 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS2
Связанные уязвимости
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow re ...
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
ELSA-2014-0927: qemu-kvm security and bug fix update (MODERATE)
EPSS
3.7 Low
CVSS2