CVE-2014-0150

EPSS 0.47%

qemu-kvm - security update

發布日:2014/4/18修改日:2026/4/28

描述

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.

受影響套件(3)

Debian/qemufrom 0, < 1.7.0+dfsg-8
Debian/qemufrom 0, < 0.12.5+dfsg-3squeeze4
Debian/qemu-kvmfrom 0, < 0.12.5+dfsg-5+squeeze11

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-0150