Описание
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
Отчет
This issue does not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5. This issue does not affect the versions of qemu-kvm package as shipped with Red Hat Enterprise Linux 6.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Fixed | RHSA-2014:0927 | 23.07.2014 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | qemu-kvm-rhev | Fixed | RHSA-2014:1268 | 22.09.2014 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS2
Связанные уязвимости
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remot ...
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
ELSA-2014-0927: qemu-kvm security and bug fix update (MODERATE)
EPSS
3.7 Low
CVSS2