Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0145

Опубликовано: 26 мар. 2014
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmWill not fix
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevAffected
OpenStack 3 for RHEL 6qemu-kvm-rhevFixedRHSA-2014:043524.04.2014
OpenStack 4 for RHEL 6qemu-kvm-rhevFixedRHSA-2014:043424.04.2014
Red Hat Enterprise Linux 6qemu-kvmFixedRHSA-2014:042022.04.2014
RHEV 3.X Hypervisor and Agents for RHEL-6qemu-kvm-rhevFixedRHSA-2014:042122.04.2014
RHEV 3.X Hypervisor and Agents for RHEL-6rhev-hypervisor6FixedRHSA-2014:067409.06.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1078885Qemu: prevent possible buffer overflows

EPSS

Процентиль: 20%
0.00063
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0145

CVSS3: 7.8
ubuntu
почти 8 лет назад

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).

nvd логотип

CVE-2014-0145

CVSS3: 7.8
nvd
почти 8 лет назад

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).

debian логотип

CVE-2014-0145

CVSS3: 7.8
debian
почти 8 лет назад

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, a ...

github логотип

GHSA-cc9p-3fx3-m352

CVSS3: 7.8
github
около 3 лет назад

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).

oracle-oval логотип

ELSA-2014-0420

oracle-oval
около 11 лет назад

ELSA-2014-0420: qemu-kvm security update (MODERATE)

EPSS

Процентиль: 20%
0.00063
Низкий

4.3 Medium

CVSS2