« List of all CVEs

CVE-2014-0223

Published: 11/4/2014 Last updated: 8/6/2024 Reserved: 12/3/2013

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (2)

conf-qemu-img nbd-tool

Products affected (1)

Product Vendor Version
n/a n/a < d52dab6e03550f9c97121b0c11c0a3ed78ee76a4

References (24)