Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine.
References
Link | Resource |
---|---|
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=246f65838d19db6db55bfb41117c35645a2c4789 | |
http://rhn.redhat.com/errata/RHSA-2014-0420.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0421.html | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2014/03/26/8 | Mailing List Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1078848 | Issue Tracking Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1086717 | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
13 Feb 2023, 00:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Oct 2022, 18:46
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://www.openwall.com/lists/oss-security/2014/03/26/8 - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1078848 - Issue Tracking, Third Party Advisory | |
References | (MISC) http://rhn.redhat.com/errata/RHSA-2014-0421.html - Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1086717 - Issue Tracking, Third Party Advisory | |
References | (MISC) http://rhn.redhat.com/errata/RHSA-2014-0420.html - Third Party Advisory | |
References | (MISC) http://git.qemu.org/?p=qemu.git;a=commitdiff;h=246f65838d19db6db55bfb41117c35645a2c4789 - Mailing List, Patch, Vendor Advisory | |
CWE | CWE-190 | |
First Time |
Redhat enterprise Linux Server Tus
Fedoraproject fedora Redhat Redhat enterprise Linux Eus Redhat enterprise Linux Server Aus Redhat virtualization Fedoraproject Qemu qemu Redhat enterprise Linux Desktop Qemu Redhat enterprise Linux Server Redhat enterprise Linux Workstation Redhat enterprise Linux Openstack Platform |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.2 |
CPE | cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_openstack_platform:5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:* |
29 Sep 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-29 03:15
Updated : 2023-12-10 14:35
NVD link : CVE-2014-0147
Mitre link : CVE-2014-0147
CVE.ORG link : CVE-2014-0147
JSON object : View
Products Affected
redhat
- virtualization
- enterprise_linux_server_tus
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_server_aus
- enterprise_linux_openstack_platform
- enterprise_linux_eus
qemu
- qemu
fedoraproject
- fedora
CWE
CWE-190
Integer Overflow or Wraparound