CVE-2014-9718

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.

References

http://git.qemu.org/?p=qemu.git;a=commit;h=3251bdcf1c67427d964517053c3d185b46e618e8

http://openwall.com/lists/oss-security/2015/04/20/7

http://www.debian.org/security/2015/dsa-3259

http://www.securityfocus.com/bid/73316

Details

Source: MITRE

Published: 2015-04-21

Updated: 2016-06-23

Type: CWE-399

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:qemu:qemu:1.0:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.0:rc3:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.0:rc4:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.1:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.1:rc2:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.1:rc3:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.1:rc4:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.4.2:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.5.0:rc1:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.5.0:rc2:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.5.0:rc3:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.6.0:rc1:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.6.0:rc2:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.6.0:rc3:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.0.0:-:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.0.0:rc0:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.0.0:rc3:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.0:rc0:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.0:rc3:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.0:rc5:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:qemu:qemu:2.1.3:*:*:*:*:*:*:*

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
93180SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)NessusSuSE Local Security Checks
critical
93177SUSE SLES11 Security Update : xen (SUSE-SU-2016:1745-1)NessusSuSE Local Security Checks
critical
93169SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)NessusSuSE Local Security Checks
critical
91660SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1560-1)NessusSuSE Local Security Checks
critical
91249SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:1318-1)NessusSuSE Local Security Checks
critical
90478openSUSE Security Update : xen (openSUSE-2016-439)NessusSuSE Local Security Checks
critical
90396SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2016:0955-1)NessusSuSE Local Security Checks
critical
90260openSUSE Security Update : xen (openSUSE-2016-413)NessusSuSE Local Security Checks
critical
90186SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:0873-1)NessusSuSE Local Security Checks
critical
85683Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : qemu, qemu-kvm vulnerabilities (USN-2724-1)NessusUbuntu Local Security Checks
medium
83422Debian DSA-3259-1 : qemu - security update (Venom)NessusDebian Local Security Checks
high