Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0049

Опубликовано: 03 мар. 2014
Источник: redhat
CVSS2: 6.5
EPSS Низкий

Описание

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.

Отчет

Not vulnerable. This issue did not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5 as they did not backport the upstream kvm commit that introduced this issue. This issue did not affect the versions of Linux kernel as shipped Red Hat Enterprise Linux 6 as they did not backport the upstream kvm commit that introduced this issue. This issue did not affect the versions of Linux kernel as shipped Red Hat Enterprise MRG as they did not provide support for the KVM subsystem.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=1062368kernel: kvm: mmio_fragments out-of-the-bounds access

EPSS

Процентиль: 42%
0.00197
Низкий

6.5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0049

ubuntu
больше 11 лет назад

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.

nvd логотип

CVE-2014-0049

nvd
больше 11 лет назад

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.

debian логотип

CVE-2014-0049

debian
больше 11 лет назад

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm ...

github логотип

GHSA-vm7h-784c-gg5h

github
около 3 лет назад

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.

fstec логотип

BDU:2014-00055

fstec
больше 11 лет назад

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании, повысить свои привилегии или выполнить произвольный код

EPSS

Процентиль: 42%
0.00197
Низкий

6.5 Medium

CVSS2