CVE-2014-0146 : The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a d

The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.

Published 2017-08-10 15:29:00

Updated 2023-02-13 00:32:55

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2014-0146

Probability of exploitation activity in the next 30 days: 0.08%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 34 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-0146

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
1.9	LOW	AV:L/AC:M/Au:N/C:N/I:N/A:P	3.4	2.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
5.5	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2014-0146

CWE-476 NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-0146

http://www.openwall.com/lists/oss-security/2014/03/26/8

oss-security - QEMU image format input validation fixes (multiple CVEs)
Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2014-0421.html

RHSA-2014:0421 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2014/dsa-3044

Debian -- Security Information -- DSA-3044-1 qemu-kvm

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2014-0420.html

RHSA-2014:0420 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=11b128f4062dd7f89b14abc8877ff20d41b28be9

git.qemu.org Git
https://bugzilla.redhat.com/show_bug.cgi?id=1078232

1078232 – (CVE-2014-0146) CVE-2014-0146 Qemu: qcow2: NULL dereference in qcow2_open() error path
Issue Tracking;Third Party Advisory

Products affected by CVE-2014-0146

Qemu » Qemu
Versions up to, including, (<=) 1.7.1
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC0
cpe:2.3:a:qemu:qemu:2.0.0:rc0:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC2
cpe:2.3:a:qemu:qemu:2.0.0:rc2:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC3
cpe:2.3:a:qemu:qemu:2.0.0:rc3:*:*:*:*:*:*
Matching versions
Qemu » Qemu » Version: 2.0.0 Update RC1
cpe:2.3:a:qemu:qemu:2.0.0:rc1:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2014-0146

Exploit prediction scoring system (EPSS) score for CVE-2014-0146

CVSS scores for CVE-2014-0146

CWE ids for CVE-2014-0146

References for CVE-2014-0146

Products affected by CVE-2014-0146