Qemu · Qemu · CVE-2014-0148
**Name of the Vulnerable Software and Affected Versions**
Qemu versions prior to 2.0
**Description**
The issue arises from missing bounds checks for `block size` and `logical sector size` variables in the block driver for Hyper-V VHDX Images. This could lead to infinite loops and other potential issues when calculating BAT entries, which are used to derive other fields like `sectors per block`. A user who can alter the Qemu disk image could exploit this flaw to crash the Qemu instance, resulting in a denial of service (DoS).
**Recommendations**
For Qemu versions prior to 2.0, update to version 2.0 or later to resolve the issue.