CVE-2014-0150
The MITRE CVE dictionary describes this issue as:
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.
Find out more about CVE-2014-0150 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
This issue does not affect the kvm and xen packages as shipped with Red Hat Enterprise Linux 5.
This issue does affect the qemu-kvm package as shipped with Red Hat Enterprise Linux 6. Future qemu-kvm updates in Red Hat Enterprise Linux 6 may address this flaw.
CVSS v2 metrics
| Base Score | 4 |
|---|---|
| Base Metrics | AV:A/AC:H/Au:S/C:P/I:P/A:P |
| Access Vector | Adjacent Network |
| Access Complexity | High |
| Authentication | Single |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| RHEV Agents (vdsm) (qemu-kvm-rhev) | RHSA-2014:0421 | 2014-04-22 |
| Red Hat Enterprise Linux OpenStack Platform 3.0 (qemu-kvm-rhev) | RHSA-2014:0435 | 2014-04-24 |
| Red Hat Enterprise Linux 6 (qemu-kvm) | RHSA-2014:0420 | 2014-04-22 |
| Red Hat Enterprise Linux OpenStack Platform 4.0 (qemu-kvm-rhev) | RHSA-2014:0434 | 2014-04-24 |
| RHEV Hypervisor for RHEL-6 (rhev-hypervisor6) | RHSA-2014:0674 | 2014-06-09 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) | qemu-kvm-rhev | Will not fix |
| Red Hat Enterprise Linux 7 | qemu-kvm | Not affected |
| Red Hat Enterprise Linux 5 | xen | Not affected |
| Red Hat Enterprise Linux 5 | kvm | Will not fix |
Acknowledgements
This issue was discovered by Michael S. Tsirkin of Red Hat.CVE description copyright © 2017, The MITRE Corporation