Lucene search

K
nvd[email protected]NVD:CVE-2014-0150
HistoryApr 18, 2014 - 2:55 p.m.

CVE-2014-0150

2014-04-1814:55:25
CWE-189
web.nvd.nist.gov
9

CVSS2

4.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:P/I:P/A:P

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

36.6%

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.

Affected configurations

Nvd
Node
qemuqemuRange≀2.0
OR
qemuqemuRange≀2.0.0-
OR
qemuqemuMatch0.1.0
OR
qemuqemuMatch0.1.1
OR
qemuqemuMatch0.1.2
OR
qemuqemuMatch0.1.3
OR
qemuqemuMatch0.1.4
OR
qemuqemuMatch0.1.5
OR
qemuqemuMatch0.1.6
OR
qemuqemuMatch0.2.0
OR
qemuqemuMatch0.3.0
OR
qemuqemuMatch0.4.0
OR
qemuqemuMatch0.4.1
OR
qemuqemuMatch0.4.2
OR
qemuqemuMatch0.4.3
OR
qemuqemuMatch0.5.0
OR
qemuqemuMatch0.5.1
OR
qemuqemuMatch0.5.2
OR
qemuqemuMatch0.5.3
OR
qemuqemuMatch0.5.4
OR
qemuqemuMatch0.5.5
OR
qemuqemuMatch0.6.0
OR
qemuqemuMatch0.6.1
OR
qemuqemuMatch0.7.0
OR
qemuqemuMatch0.7.1
OR
qemuqemuMatch0.7.2
OR
qemuqemuMatch0.8.0
OR
qemuqemuMatch0.8.1
OR
qemuqemuMatch0.8.2
OR
qemuqemuMatch0.9.0
OR
qemuqemuMatch0.9.1
OR
qemuqemuMatch0.9.1-5
OR
qemuqemuMatch0.10.0
OR
qemuqemuMatch0.10.1
OR
qemuqemuMatch0.10.2
OR
qemuqemuMatch0.10.3
OR
qemuqemuMatch0.10.4
OR
qemuqemuMatch0.10.5
OR
qemuqemuMatch0.10.6
OR
qemuqemuMatch0.11.0
OR
qemuqemuMatch0.11.0rc0
OR
qemuqemuMatch0.11.0rc1
OR
qemuqemuMatch0.11.0rc2
OR
qemuqemuMatch0.11.0-rc0
OR
qemuqemuMatch0.11.0-rc1
OR
qemuqemuMatch0.11.0-rc2
OR
qemuqemuMatch0.11.1
OR
qemuqemuMatch0.12.0
OR
qemuqemuMatch0.12.0rc1
OR
qemuqemuMatch0.12.0rc2
OR
qemuqemuMatch0.12.1
OR
qemuqemuMatch0.12.2
OR
qemuqemuMatch0.12.3
OR
qemuqemuMatch0.12.4
OR
qemuqemuMatch0.12.5
OR
qemuqemuMatch0.13.0
OR
qemuqemuMatch0.13.0rc0
OR
qemuqemuMatch0.13.0rc1
OR
qemuqemuMatch0.14.0
OR
qemuqemuMatch0.14.0rc0
OR
qemuqemuMatch0.14.0rc1
OR
qemuqemuMatch0.14.0rc2
OR
qemuqemuMatch0.14.1
OR
qemuqemuMatch0.15.0rc1
OR
qemuqemuMatch0.15.0rc2
OR
qemuqemuMatch0.15.1
OR
qemuqemuMatch0.15.2
OR
qemuqemuMatch1.0
OR
qemuqemuMatch1.0rc1
OR
qemuqemuMatch1.0rc2
OR
qemuqemuMatch1.0rc3
OR
qemuqemuMatch1.0rc4
OR
qemuqemuMatch1.0.1
OR
qemuqemuMatch1.1
OR
qemuqemuMatch1.1rc1
OR
qemuqemuMatch1.1rc2
OR
qemuqemuMatch1.1rc3
OR
qemuqemuMatch1.1rc4
OR
qemuqemuMatch1.4.1
OR
qemuqemuMatch1.4.2
OR
qemuqemuMatch1.5.0
OR
qemuqemuMatch1.5.0rc1
OR
qemuqemuMatch1.5.0rc2
OR
qemuqemuMatch1.5.0rc3
OR
qemuqemuMatch1.5.1
OR
qemuqemuMatch1.5.2
OR
qemuqemuMatch1.5.3
OR
qemuqemuMatch1.6.0
OR
qemuqemuMatch1.6.0rc1
OR
qemuqemuMatch1.6.0rc2
OR
qemuqemuMatch1.6.0rc3
OR
qemuqemuMatch1.6.1
OR
qemuqemuMatch1.6.2
OR
qemuqemuMatch1.7.1
OR
qemuqemuMatch2.0.0rc0
OR
qemuqemuMatch2.0.0rc1
OR
qemuqemuMatch2.0.0rc2
OR
qemuqemuMatch2.0.0rc3
OR
redhatenterprise_linuxMatch6.0
VendorProductVersionCPE
qemuqemu*cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
qemuqemu*cpe:2.3:a:qemu:qemu:*:-:*:*:*:*:*:*
qemuqemu0.1.0cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*
qemuqemu0.1.1cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*
qemuqemu0.1.2cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*
qemuqemu0.1.3cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*
qemuqemu0.1.4cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*
qemuqemu0.1.5cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*
qemuqemu0.1.6cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*
qemuqemu0.2.0cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 991

CVSS2

4.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:P/I:P/A:P

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

36.6%