CVE-2014-0223

Опубликовано: 12 мая 2014

Источник: redhat

CVSS2: 4.3

Описание

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.

An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kvm	Will not fix
OpenStack 4 for RHEL 6	qemu-kvm-rhev	Fixed	RHSA-2014:1187	15.09.2014
Red Hat Enterprise Linux 6	qemu-kvm	Fixed	RHSA-2014:1075	19.08.2014
Red Hat Enterprise Linux 7	qemu-kvm	Fixed	RHSA-2014:0927	23.07.2014
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6	qemu-kvm-rhev	Fixed	RHSA-2014:1187	15.09.2014
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7	qemu-kvm-rhev	Fixed	RHSA-2014:1268	22.09.2014
RHEV 3.X Hypervisor and Agents for RHEL-6	qemu-kvm-rhev	Fixed	RHSA-2014:1076	19.08.2014
RHEV 3.X Hypervisor and Agents for RHEL-6	rhev-hypervisor6	Fixed	RHSA-2014:1168	09.09.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-190->CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=1097222Qemu: qcow1: validate image size to avoid out-of-bounds memory access

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2014-0223

ubuntu

около 11 лет назад

CVE-2014-0223

nvd

около 11 лет назад

CVE-2014-0223

debian

около 11 лет назад

Integer overflow in the qcow_open function in block/qcow.c in QEMU bef ...

GHSA-234q-mv7h-px9x

github

больше 3 лет назад

ELSA-2014-1075

oracle-oval

около 11 лет назад

ELSA-2014-1075: qemu-kvm security and bug fix update (MODERATE)

4.3 Medium

CVSS2