Wind River Support Network

HomeDefectsLIN6-8883

Fixed

LIN6-8883 : Security Advisory - qemu - CVE-2014-0223

Created: Dec 1, 2014 Updated: Dec 3, 2018

Resolved Date: Dec 30, 2014

Found In Version: 6.0.0.13

Fix Version: 6.0.0.17

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0223

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38