Lucene search

K

PRIOn knowledge basePRION:CVE-2014-0223

HistoryNov 04, 2014 - 9:55 p.m.

Integer overflow

2014-11-0421:55:00

PRIOn knowledge base

www.prio-n.com

4

8 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.

CPENameOperatorVersion
qemueq1.0 rc1
qemueq0.12.2
qemueq0.12.0 rc2
qemule1.7.1
qemueq1.1 rc3
qemueq1.6.0
qemueq0.1.6
qemueq1.5.0 rc1
qemueq0.13.0 rc0
qemueq0.5.3

Rows per page:

1-10 of 931

References

lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html

lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html

www.debian.org/security/2014/dsa-3044

www.securityfocus.com/bid/67391

lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html

lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html

8 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

Related for PRION:CVE-2014-0223

securityvulns4 cve1 debiancve1 ubuntucve1 ibm1 nessus18 openvas23 veracode1 redhat6 centos2 oraclelinux3 suse1 fedora8 debian2 gentoo1 ubuntu1 mageia1