Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0144

Опубликовано: 26 мар. 2014
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmWill not fix
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevAffected
OpenStack 3 for RHEL 6qemu-kvm-rhevFixedRHSA-2014:043524.04.2014
OpenStack 4 for RHEL 6qemu-kvm-rhevFixedRHSA-2014:043424.04.2014
Red Hat Enterprise Linux 6qemu-kvmFixedRHSA-2014:042022.04.2014
RHEV 3.X Hypervisor and Agents for RHEL-6qemu-kvm-rhevFixedRHSA-2014:042122.04.2014
RHEV 3.X Hypervisor and Agents for RHEL-6rhev-hypervisor6FixedRHSA-2014:067409.06.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1079240Qemu: block: missing input validation

EPSS

Процентиль: 83%
0.01978
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0144

CVSS3: 8.6
ubuntu
больше 2 лет назад

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.

nvd логотип

CVE-2014-0144

CVSS3: 8.6
nvd
больше 2 лет назад

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.

debian логотип

CVE-2014-0144

CVSS3: 8.6
debian
больше 2 лет назад

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various ...

github логотип

GHSA-p3jv-vmvr-2v4v

CVSS3: 8.6
github
больше 2 лет назад

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.

oracle-oval логотип

ELSA-2014-0420

oracle-oval
около 11 лет назад

ELSA-2014-0420: qemu-kvm security update (MODERATE)

EPSS

Процентиль: 83%
0.01978
Низкий

4.3 Medium

CVSS2