CVE-2014-0049
Severity Score
7.4
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.
Desbordamiento de buffer en la función complete_emulated_mmio en arch/x86/kvm/x86.c en el kernel de Linux anterior a 3.13.6 permite a usuarios del sistema operativo invitado ejecutar código arbitrario en el sistema operativo anfitrión mediante el aprovechamiento de un bucle que provoca una copia de memoria inválida que afecta a ciertos datos cancel_work_item.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-12-03 CVE Reserved
- 2014-03-11 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2014/03/03/1 | 2023-02-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1062368 | 2023-02-13 | |
| https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b | 2023-02-13 |
| URL | Date | SRC |
|---|---|---|
| http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6 | 2023-02-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 3.13.6 Search vendor "Linux" for product "Linux Kernel" and version " < 3.13.6" | - |
Affected
| ||||||