Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-0144

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.

Published

2022-09-29T03:15:11.087

Last Modified

2024-11-21T02:01:28.347

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses
  • Type: Primary
    CWE-20
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application qemu qemu < 2.0.0 Yes
Application redhat virtualization 3.0 Yes
Operating System redhat enterprise_linux_desktop 6.0 Yes
Operating System redhat enterprise_linux_eus 6.5 Yes
Operating System redhat enterprise_linux_openstack_platform 5 Yes
Operating System redhat enterprise_linux_server 6.0 Yes
Operating System redhat enterprise_linux_server_aus 6.5 Yes
Operating System redhat enterprise_linux_server_tus 6.5 Yes
Operating System redhat enterprise_linux_workstation 6.0 Yes
References