Vulnerability Details : CVE-2014-0049
Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2014-0049
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-0049
EPSS score: 0.37% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~56% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2014-0049
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.4 | HIGH | AV:A/AC:M/Au:S/C:C/I:C/A:C | 4.4 | 10.0 | NIST | |
CWE ids for CVE-2014-0049
- The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0049
- http://www.openwall.com/lists/oss-security/2014/03/03/1
  oss-security - CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access (Mailing List; Patch; Third Party Advisory)
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6
  (Release Notes; Vendor Advisory)
- https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b
  kvm: x86: fix emulator buffer overflow (CVE-2014-0049) · torvalds/linux@a08d3b3 · GitHub (Patch; Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=1062368
  1062368 – (CVE-2014-0049) CVE-2014-0049 kernel: kvm: mmio_fragments out-of-the-bounds access (Issue Tracking; Patch; Third Party Advisory)