CVE-2014-0144
29.09.2022, 03:15
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| qemu | qemu | 𝑥 < 2.0.0 |
| redhat | virtualization | 3.0 |
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_eus | 6.5 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server_aus | 6.5 |
| redhat | enterprise_linux_server_tus | 6.5 |
| redhat | enterprise_linux_workstation | 6.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||
|---|---|---|---|---|---|
| qemu |
| ||||
| qemu-block-curl |
| ||||
| qemu-block-iscsi |
| ||||
| qemu-block-rbd |
| ||||
| qemu-block-ssh |
| ||||
| qemu-guest-agent |
| ||||
| qemu-ipxe |
| ||||
| qemu-kvm |
| ||||
| qemu-lang |
| ||||
| qemu-seabios |
| ||||
| qemu-sgabios-8 |
| ||||
| qemu-vgabios |
| ||||
| qemu-x86 |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration
References