CVE-2014-0150 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Qemu

CWE-18910 documents7 sources

Severity

4.9MEDIUMNVD

EPSS

0.6%

top 31.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Redhat Enterprise Linux

Timeline

PublishedApr 18

Latest updateMay 13

Description

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.

CVSS vector

AV:A/AC:M/C:P/I:P/A:PExploitability: 4.4 | Impact: 6.4

Affected Packages4 packages

▶debiandebian/qemu< qemu 1.7.0+dfsg-8 (bookworm)

▶Debianqemu/qemu< 1.7.0+dfsg-8+3

▶Ubuntuqemu/qemu< 2.0.0~rc1+dfsg-0ubuntu3.1

▶NVDqemu/qemu2.0+69

Also affects: Enterprise Linux 6.0

Patches

Patch: thread.gmane.org ↗Patch: thread.gmane.org ↗

🔴Vulnerability Details

GHSA

GHSA-xxw9-7gw3-r38p: Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net↗2022-05-13

▶

OSV

qemu, qemu-kvm vulnerabilities↗2014-04-28

▶

OSV

CVE-2014-0150: Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net↗2014-04-18

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2014-04-28

▶

Red Hat

qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function↗2014-04-11

▶

Debian

CVE-2014-0150: qemu - Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in...↗2014

▶

💬Community

Bugzilla

CVE-2014-0150 qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function [fedora-all]↗2014-04-11

▶

Bugzilla

CVE-2014-0150 xen: qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function [fedora-all]↗2014-04-11

▶

Bugzilla

CVE-2014-0150 qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function↗2014-03-20

▶