Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:01
Type | Values Removed | Values Added |
---|---|---|
References | () http://article.gmane.org/gmane.comp.emulators.qemu/266768 - | |
References | () http://secunia.com/advisories/57878 - Vendor Advisory | |
References | () http://secunia.com/advisories/58191 - | |
References | () http://thread.gmane.org/gmane.comp.emulators.qemu/266713 - Patch | |
References | () http://www.debian.org/security/2014/dsa-2909 - | |
References | () http://www.debian.org/security/2014/dsa-2910 - | |
References | () http://www.ubuntu.com/usn/USN-2182-1 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1078846 - |
Information
Published : 2014-04-18 14:55
Updated : 2024-11-21 02:01
NVD link : CVE-2014-0150
Mitre link : CVE-2014-0150
CVE.ORG link : CVE-2014-0150
JSON object : View
Products Affected
redhat
- enterprise_linux
qemu
- qemu
CWE
CWE-189
Numeric Errors