Vulnerability-Lookup

CVE-2014-0143 (GCVE-0-2014-0143)

Vulnerability from cvelistv5 – Published: 2017-08-10 15:00 – Updated: 2024-08-06 09:05

Summary

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

FKIE_CVE-2014-0143

Vulnerability from fkie_nvd - Published: 2017-08-10 15:29 - Updated: 2025-04-20 01:37

Severity ?

7.0 (High) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f
secalert@redhat.com	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0420.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2014-0421.html	Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2014/dsa-3044
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1079140	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f
af854a3a-2127-422b-91ae-364da2661108	http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0420.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-0421.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-3044
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1079140	Issue Tracking, Patch, Third Party Advisory

Impacted products

	Vendor	Product	Version
	redhat	enterprise_linux	6.0
	qemu	qemu	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "535B1295-C195-4EFD-8509-C6DE3FAF3F3E",
              "versionEndIncluding": "1.7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de enteros en los controladores de bloque en QEMU, posiblemente en versiones anteriores a la 2.0.0, permiten que usuarios locales provoquen una denegaci\u00f3n de servicio mediante un tama\u00f1o de cat\u00e1logo manipulado en (1) la funci\u00f3n parallels_open en block/parallels.c o (2) la funci\u00f3n bochs_open en bochs.c, una gran tabla en (3) qcow2_snapshot_load_tmp en qcow2-snapshot.c o en la funci\u00f3n (4) qcow2_grow_l1_table en qcow2-cluster.c, (5) una gran petici\u00f3n en la funci\u00f3n bdrv_check_byte_request en block.c y otros controladores de bloqueo, (6) \u00edndices de cl\u00faster manipulados en la funci\u00f3n get_refcount en qcow2-refcount.c, o (7) un gran n\u00famero de bloqueos en la funci\u00f3n cloop_open en cloop.c. Esto provoca desbordamientos de b\u00fafer, corrupci\u00f3n de memoria, grandes asignaciones de memoria y lesturas y escrituras fuera de l\u00edmites."
    }
  ],
  "id": "CVE-2014-0143",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-08-10T15:29:00.223",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0420.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0421.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2014/dsa-3044"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0420.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0421.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-3044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079140"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2014-0143

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-0143

Aliases

CVE-2014-0143

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-0143",
    "description": "Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes.",
    "id": "GSD-2014-0143",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-0143.html",
      "https://www.debian.org/security/2014/dsa-3045",
      "https://www.debian.org/security/2014/dsa-3044",
      "https://access.redhat.com/errata/RHSA-2014:0674",
      "https://access.redhat.com/errata/RHSA-2014:0435",
      "https://access.redhat.com/errata/RHSA-2014:0434",
      "https://access.redhat.com/errata/RHSA-2014:0421",
      "https://access.redhat.com/errata/RHSA-2014:0420",
      "https://ubuntu.com/security/CVE-2014-0143",
      "https://advisories.mageia.org/CVE-2014-0143.html",
      "https://linux.oracle.com/cve/CVE-2014-0143.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-0143"
      ],
      "details": "Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes.",
      "id": "GSD-2014-0143",
      "modified": "2023-12-13T01:22:44.620526Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2014-0143",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2014-0420.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0420.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2014-0421.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0421.html"
          },
          {
            "name": "http://www.debian.org/security/2014/dsa-3044",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2014/dsa-3044"
          },
          {
            "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a",
            "refsource": "MISC",
            "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a"
          },
          {
            "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f",
            "refsource": "MISC",
            "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f"
          },
          {
            "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b",
            "refsource": "MISC",
            "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b"
          },
          {
            "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1",
            "refsource": "MISC",
            "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1"
          },
          {
            "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b",
            "refsource": "MISC",
            "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b"
          },
          {
            "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f",
            "refsource": "MISC",
            "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f"
          },
          {
            "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b",
            "refsource": "MISC",
            "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1079140",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079140"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.7.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-0143"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-190"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1079140",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079140"
            },
            {
              "name": "RHSA-2014:0421",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0421.html"
            },
            {
              "name": "RHSA-2014:0420",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-0420.html"
            },
            {
              "name": "DSA-3044",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2014/dsa-3044"
            },
            {
              "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a"
            },
            {
              "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f"
            },
            {
              "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1"
            },
            {
              "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b"
            },
            {
              "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b"
            },
            {
              "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b"
            },
            {
              "name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-02-13T00:32Z",
      "publishedDate": "2017-08-10T15:29Z"
    }
  }
}

GHSA-P7H7-FF68-WGX2

Vulnerability from github – Published: 2022-05-14 01:08 – Updated: 2022-05-14 01:08

Details

Severity ?

7.0 (High)


                  
                    CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-0143"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-190"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-08-10T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the (3) qcow2_snapshot_load_tmp in qcow2-snapshot.c or (4) qcow2_grow_l1_table function in qcow2-cluster.c, (5) a large request in the bdrv_check_byte_request function in block.c and other block drivers, (6) crafted cluster indexes in the get_refcount function in qcow2-refcount.c, or (7) a large number of blocks in the cloop_open function in cloop.c, which trigger buffer overflows, memory corruption, large memory allocations and out-of-bounds read and writes.",
  "id": "GHSA-p7h7-ff68-wgx2",
  "modified": "2022-05-14T01:08:33Z",
  "published": "2022-05-14T01:08:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0143"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:0420"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:0421"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:0434"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:0435"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:0674"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2014-0143"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079140"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=509a41bab5306181044b5fff02eadf96d9c8676a"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=afbcc40bee4ef51731102d7d4b499ee12fc182e1"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cab60de930684c33f67d4e32c7509b567f8c445b"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=db8a31d11d6a60f48d6817530640d75aa72a9a2f"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e3737b820b45e54b059656dc3f914f895ac7a88b"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=509a41bab5306181044b5fff02eadf96d9c8676a"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=8f4754ede56e3f9ea3fd7207f4a7c4453e59285b"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=afbcc40bee4ef51731102d7d4b499ee12fc182e1"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=cab60de930684c33f67d4e32c7509b567f8c445b"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=db8a31d11d6a60f48d6817530640d75aa72a9a2f"
    },
    {
      "type": "WEB",
      "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=e3737b820b45e54b059656dc3f914f895ac7a88b"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0420.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-0421.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2014/dsa-3044"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2014-AVI-452

Vulnerability from certfr_avis - Published: 2014-10-29 - Updated: 2014-10-29

De multiples vulnérabilités ont été corrigées dans Qemu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Qemu-kvm

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-0143 (GCVE-0-2014-0143)

FKIE_CVE-2014-0143

GSD-2014-0143

GHSA-P7H7-FF68-WGX2

CERTFR-2014-AVI-452

Contournement provisoire

Tags

Sightings

Nomenclature