CVE-2014-0145 : Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).

Published 2017-08-10 15:29:00

Updated 2023-02-13 00:32:51

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Products affected by CVE-2014-0145

Qemu » Qemu
Versions up to, including, (<=) 1.7.1
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC0
cpe:2.3:a:qemu:qemu:2.0.0:rc0:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC2
cpe:2.3:a:qemu:qemu:2.0.0:rc2:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC3
cpe:2.3:a:qemu:qemu:2.0.0:rc3:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC1
cpe:2.3:a:qemu:qemu:2.0.0:rc1:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-0145

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 17 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-0145

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2014-0145

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-0145

http://www.openwall.com/lists/oss-security/2014/03/26/8

oss-security - QEMU image format input validation fixes (multiple CVEs)
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.gnu.org/archive/html/qemu-devel/2014-03/msg04994.html

[Qemu-devel] [PATCH for-2.0 00/47] block: image format input validation
Patch;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2014-0421.html

RHSA-2014:0421 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2014/dsa-3044

Debian -- Security Information -- DSA-3044-1 qemu-kvm

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2014-0420.html

RHSA-2014:0420 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c05e4667be91b46ab42b5a11babf8e84d476cc6b

git.qemu.org Git
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=c165f7758009a4f793c1fc19ebb69cf55313450b

git.qemu.org Git
https://bugzilla.redhat.com/show_bug.cgi?id=1078885

1078885 – (CVE-2014-0145) CVE-2014-0145 Qemu: prevent possible buffer overflows
Issue Tracking;Third Party Advisory
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f0dce23475b5af5da6b17b97c1765271307734b6

git.qemu.org Git

Jump to

Vulnerability Details : CVE-2014-0145

Products affected by CVE-2014-0145

Exploit prediction scoring system (EPSS) score for CVE-2014-0145

CVSS scores for CVE-2014-0145

CWE ids for CVE-2014-0145

References for CVE-2014-0145