Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could ise this flaw to crash the Qemu instance resulting in DoS.
References
Link | Resource |
---|---|
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1d7678dec4761acdc43439da6ceda41a703ba1a6 | |
http://rhn.redhat.com/errata/RHSA-2014-0420.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2014-0421.html | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2014/03/26/8 | Mailing List Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1078212 | Issue Tracking Patch Third Party Advisory |
https://lists.gnu.org/archive/html/qemu-devel/2014-03/msg04994.html | Mailing List Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
13 Feb 2023, 00:33
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Oct 2022, 14:37
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_openstack_platform:5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:* |
|
CWE | CWE-835 | |
First Time |
Redhat enterprise Linux Server Tus
Redhat Redhat enterprise Linux Eus Redhat enterprise Linux Server Aus Redhat virtualization Qemu qemu Redhat enterprise Linux Desktop Qemu Redhat enterprise Linux Server Redhat enterprise Linux Workstation Redhat enterprise Linux Openstack Platform |
|
References | (MISC) http://www.openwall.com/lists/oss-security/2014/03/26/8 - Mailing List, Patch, Third Party Advisory | |
References | (MISC) http://git.qemu.org/?p=qemu.git;a=commit;h=1d7678dec4761acdc43439da6ceda41a703ba1a6 - Mailing List, Patch, Vendor Advisory | |
References | (MISC) http://rhn.redhat.com/errata/RHSA-2014-0421.html - Third Party Advisory | |
References | (MISC) http://rhn.redhat.com/errata/RHSA-2014-0420.html - Third Party Advisory | |
References | (MISC) https://lists.gnu.org/archive/html/qemu-devel/2014-03/msg04994.html - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1078212 - Issue Tracking, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
29 Sep 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-29 03:15
Updated : 2023-12-10 14:35
NVD link : CVE-2014-0148
Mitre link : CVE-2014-0148
CVE.ORG link : CVE-2014-0148
JSON object : View
Products Affected
redhat
- virtualization
- enterprise_linux_desktop
- enterprise_linux_openstack_platform
- enterprise_linux_server_aus
- enterprise_linux_server
- enterprise_linux_server_tus
- enterprise_linux_eus
- enterprise_linux_workstation
qemu
- qemu
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')