Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30747
HistoryMay 15, 2014 - 12:00 a.m.

[oss-security] CVE-2014-0223 Qemu: qcow1: Validate image size

2014-05-1500:00:00
vulners.com
22

Hello,

'CVE-2014-0223' has been assigned to this issue.

A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.

This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).

Upstream fix:

-> https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html

Thank you.

Prasad J Pandit / Red Hat Security Response Team

Related for SECURITYVULNS:DOC:30747