CVE-2014-0150
4.9
Vector
AV:A/AC:M/Au:S/C:P/I:P/A:P
Exploitability: 4.4 / Impact: 6.4
Source: NVD
Description
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
Affected (99)
Products: Qemu: Qemu · Redhat: Enterprise Linux
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.0 | |
| Version 6.0 |
Related CWEs
References (16)
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.