CVE-2014-0222
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2014-0222
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-0222.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2014-0222
- Downstream
- Related
- Published
- 2014-11-04T21:55:25Z
- Modified
- 2025-04-12T10:46:40Z
- Summary
- [none]
- Details
-
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
- References
-
- http://www.debian.org/security/2014/dsa-3044
- https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
- http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html
- http://www.securityfocus.com/bid/67357
- https://security-tracker.debian.org/tracker/CVE-2014-0222
Affected packages
Debian:11 / qemu
Package
- Name
- qemu
- Purl
- pkg:deb/debian/qemu?arch=source
Debian:12 / qemu
Package
- Name
- qemu
- Purl
- pkg:deb/debian/qemu?arch=source
Debian:13 / qemu
Package
- Name
- qemu
- Purl
- pkg:deb/debian/qemu?arch=source