CVE-2014-0146
10.08.2017, 15:29
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| qemu | qemu | 𝑥 ≤ 1.7.1 |
| qemu | qemu | 2.0.0:rc0 |
| qemu | qemu | 2.0.0:rc1 |
| qemu | qemu | 2.0.0:rc2 |
| qemu | qemu | 2.0.0:rc3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||
|---|---|---|---|---|---|
| qemu |
| ||||
| qemu-block-curl |
| ||||
| qemu-block-iscsi |
| ||||
| qemu-block-rbd |
| ||||
| qemu-block-ssh |
| ||||
| qemu-guest-agent |
| ||||
| qemu-ipxe |
| ||||
| qemu-kvm |
| ||||
| qemu-lang |
| ||||
| qemu-seabios |
| ||||
| qemu-sgabios-8 |
| ||||
| qemu-vgabios |
| ||||
| qemu-x86 |
|
Red Hat Enterprise Linux Releases
Common Weakness Enumeration
References