QEMU <2.0: Hyper-V VHDX block driver loop DoS vulnerability
CVE-2014-0148 Published on September 29, 2022

Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could ise this flaw to crash the Qemu instance resulting in DoS.

NVD

Products Associated with CVE-2014-0148

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-0148 are published in these products:

QEMU

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Tus

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Workstation

Red Hat Virtualization

Red Hat Enterprise Linux Eus

Red Hat Enterprise Linux Openstack Platform

Exploit Probability

EPSS

0.12%

Percentile

30.79%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

QEMU <2.0: Hyper-V VHDX block driver loop DoS vulnerabilityCVE-2014-0148 Published on September 29, 2022

Products Associated with CVE-2014-0148

Exploit Probability

QEMU <2.0: Hyper-V VHDX block driver loop DoS vulnerability
CVE-2014-0148 Published on September 29, 2022