NVD

Id
29072  
Name
CVE-2014-0150  
Description
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
4.9  
Severity
Medium  
CVSS Base Score
4.9  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.4  
CVSS Vector
(AV:A/AC:M/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-04-18  
Modified Date
2014-05-10  
Seq
2014-0150  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
153601 29072 CVE-2014-0150 [Qemu-devel] 20140411 Re: [PATCH for-2.0] virtio-net: fix guest-triggerable buffer overrun  View
153602 29072 CVE-2014-0150 [Qemu-devel] 20140411 [PATCH for-2.0] virtio-net: fix guest-triggerable buffer overrun  View
153603 29072 CVE-2014-0150 USN-2182-1  View
153604 29072 CVE-2014-0150 https://bugzilla.redhat.com/show_bug.cgi?id=1078846  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
13314 JVNDB-2014-002189 QEMU の virtio_net_handle_mac 関数における整数オーバーフローの脆弱性 QEMU の hw/net/virtio-net.c 内の virtio_net_handle_mac 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2014-0150 67551 CVE-2014-0150 29072 4.9 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002189.html 2014-03-20 2014-04-23 View