CVE-2014-7840

HIGH

Description

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

References

http://git.qemu.org/?p=qemu.git;a=commit;h=0be839a2701369f669532ea5884c15bead1c6e08

http://rhn.redhat.com/errata/RHSA-2015-0349.html

http://rhn.redhat.com/errata/RHSA-2015-0624.html

http://thread.gmane.org/gmane.comp.emulators.qemu/306117

https://bugzilla.redhat.com/show_bug.cgi?id=1163075

https://exchange.xforce.ibmcloud.com/vulnerabilities/99194

Details

Source: MITRE

Published: 2014-12-12

Updated: 2020-08-11

Type: CWE-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 83686 | SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2015:0349-1) | Nessus | SuSE Local Security Checks | high |
| 82260 | Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150305) | Nessus | Scientific Linux Local Security Checks | high |
| 81944 | Mandriva Linux Security Advisory : qemu (MDVSA-2015:061) | Nessus | Mandriva Local Security Checks | high |
| 81891 | CentOS 7 : qemu-kvm (CESA-2015:0349) | Nessus | CentOS Local Security Checks | high |
| 81803 | Oracle Linux 7 : qemu-kvm (ELSA-2015-0349) | Nessus | Oracle Linux Local Security Checks | high |
| 81661 | RHEL 7 : qemu-kvm-rhev (RHSA-2015:0624) | Nessus | Red Hat Local Security Checks | high |
| 81632 | RHEL 7 : qemu-kvm (RHSA-2015:0349) | Nessus | Red Hat Local Security Checks | high |
| 81481 | SuSE 11.3 Security Update : kvm and libvirt (SAT Patch Number 10222) | Nessus | SuSE Local Security Checks | high |
| 81480 | SuSE 11.3 Security Update : kvm and libvirt (SAT Patch Number 10222) | Nessus | SuSE Local Security Checks | high |
| 80242 | GLSA-201412-37 : QEMU: Multiple Vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 80233 | Fedora 20 : qemu-1.6.2-12.fc20 (2014-16626) | Nessus | Fedora Local Security Checks | high |
| 80026 | Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : qemu, qemu-kvm vulnerabilities (USN-2439-1) | Nessus | Ubuntu Local Security Checks | high |
| 79994 | Mandriva Linux Security Advisory : qemu (MDVSA-2014:249) | Nessus | Mandriva Local Security Checks | high |
| 79912 | Fedora 21 : qemu-2.1.2-7.fc21 (2014-16075) | Nessus | Fedora Local Security Checks | high |