CVE-2014-0223
published 2014-11-04CVE-2014-0223: Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute…
medium4.6CVSS 3.1
AVLACLAuNCPIPAP
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.
Affected
74 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | qemu | < qemu 2.0.0+dfsg-6 (bookworm) | qemu 2.0.0+dfsg-6 (bookworm) |
| qemu | qemu | <= 1.7.1 | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
| qemu | qemu | — | — |
CVSS provenance
nvd4.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH