CVE-2014-0148 in QEMUinfo

Zusammenfassung (Englisch)

Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could ise this flaw to crash the Qemu instance resulting in DoS.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservieren

03.12.2013

Veröffentlichung

29.09.2022

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
12737	Fabrice Bellard QEMU vhdx Denial of Service	404	Unbewiesen	Offizieller Fix	CVE-2014-0148

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

◂ ZurückÜbersichtWeiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!