PT-2014-3544 · Qemu+5 · Qemu+5

Publicado

2014-04-22

·

Atualizado

2024-06-15

·

CVE-2014-0222

CVSS v2.0

7.5

Alta

VetorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions QEMU versions prior to 1.7.2
Description The issue is related to an integer overflow in the qcow open function, which can be triggered by a large L2 table in a QCOW version 1 image, allowing remote attackers to cause a denial of service (crash).
Recommendations For versions prior to 1.7.2, update to version 1.7.2 or later to resolve the issue.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

ALT-PU-2014-1526
CESA-2014_0927
CESA-2014_1075
CVE-2014-0222
DSA-3044-1
DSA-3045-1
MGASA-2014-0426
OPENSUSE-SU-2015_1964-1
OPENSUSE-SU-2015_2003-1
OPENSUSE-SU-2016_0914-1
OPENSUSE-SU-2016_0995-1
OPENSUSE-SU-2024:10196-1
OPENSUSE-SU-2024:11287-1
RHSA-2014:0927
RHSA-2014:1075
RHSA-2014:1076
RHSA-2014:1168
RHSA-2014:1187
RHSA-2014:1268
RHSA-2014_0927
RHSA-2014_1075
SUSE-SU-2014_1278-1
SUSE-SU-2015:0870-1
SUSE-SU-2015:0889-1
SUSE-SU-2015:0929-1
SUSE-SU-2015:1152-1
SUSE-SU-2015:1853-1
SUSE-SU-2015:1894-1
SUSE-SU-2015:1908-1
SUSE-SU-2015:1952-1
SUSE-SU-2015_0929-1
SUSE-SU-2015_1853-1
SUSE-SU-2015_1894-1
SUSE-SU-2015_1908-1
SUSE-SU-2015_1952-1
SUSE-SU-2016:0873-1
SUSE-SU-2016:0955-1
SUSE-SU-2016:1154-1
SUSE-SU-2016:1318-1
SUSE-SU-2016:1745-1
SUSE-SU-2016_0658-1
SUSE-SU-2016_1445-1
USN-2342-1

Produtos afetados

Alt Linux
Centos
Qemu
Red Hat
Suse
Ubuntu