CVE-2014-0145 in Fabrice Bellard QEMUinfo

Summary

Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/03/2013

Disclosure

08/10/2017

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
12740	Fabrice Bellard QEMU memory corruption	119	Unproven	Official fix	CVE-2014-0145

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!