Denial Of Service (DoS)

2019-01-1509:01:03

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

qemu-kvm is vulnerable to denial of service (DoS) attacks. The vulnerability exists as QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.

CPENameOperatorVersion
qemu-kvmeq0.12.1.2__2.160.el6_1.3
qemu-kvmeq0.12.1.2__2.160.el6_1.9
qemu-kvmeq0.12.1.2__2.113.el6_0.6
qemu-kvmeq0.12.1.2__2.113.el6
qemu-kvmeq0.12.1.2__2.355.el6_4.1
qemu-kvmeq0.12.1.2__2.160.el6_1.6
qemu-kvmeq0.12.1.2__2.209.el6_2.4
qemu-kvmeq0.12.1.2__2.355.el6_4.5
qemu-kvmeq0.12.1.2__2.355.el6_4.6
qemu-kvmeq0.12.1.2__2.295.el6

Name	Operator	Version
qemu-kvm	eq	0.12.1.2__2.160.el6_1.3
qemu-kvm	eq	0.12.1.2__2.160.el6_1.9
qemu-kvm	eq	0.12.1.2__2.113.el6_0.6
qemu-kvm	eq	0.12.1.2__2.113.el6
qemu-kvm	eq	0.12.1.2__2.355.el6_4.1
qemu-kvm	eq	0.12.1.2__2.160.el6_1.6
qemu-kvm	eq	0.12.1.2__2.209.el6_2.4
qemu-kvm	eq	0.12.1.2__2.355.el6_4.5
qemu-kvm	eq	0.12.1.2__2.355.el6_4.6
qemu-kvm	eq	0.12.1.2__2.295.el6