Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-0146

Опубликовано: 26 мар. 2014
Источник: redhat
CVSS2: 4

Описание

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmWill not fix
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevAffected
OpenStack 3 for RHEL 6qemu-kvm-rhevFixedRHSA-2014:043524.04.2014
OpenStack 4 for RHEL 6qemu-kvm-rhevFixedRHSA-2014:043424.04.2014
Red Hat Enterprise Linux 6qemu-kvmFixedRHSA-2014:042022.04.2014
RHEV 3.X Hypervisor and Agents for RHEL-6qemu-kvm-rhevFixedRHSA-2014:042122.04.2014
RHEV 3.X Hypervisor and Agents for RHEL-6rhev-hypervisor6FixedRHSA-2014:067409.06.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1078232Qemu: qcow2: NULL dereference in qcow2_open() error path

4 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-0146

CVSS3: 5.5
ubuntu
почти 8 лет назад

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.

nvd логотип

CVE-2014-0146

CVSS3: 5.5
nvd
почти 8 лет назад

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.

debian логотип

CVE-2014-0146

CVSS3: 5.5
debian
почти 8 лет назад

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 an ...

github логотип

GHSA-jfvf-g3qm-f87g

CVSS3: 5.5
github
около 3 лет назад

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.

oracle-oval логотип

ELSA-2014-0420

oracle-oval
около 11 лет назад

ELSA-2014-0420: qemu-kvm security update (MODERATE)

4 Medium

CVSS2