oss-sec mailing list archives
CVE-2014-0223 Qemu: qcow1: Validate image size
From: P J P <ppandit () redhat com>
Date: Tue, 13 May 2014 16:18:26 +0530 (IST)
Hello, 'CVE-2014-0223' has been assigned to this issue. A huge image size could cause s->l1_size to overflow. Make sure that images never require a L1 table larger than what fits in s->l1_size. This cannot only cause unbounded allocations, but also the allocation of a too small L1 table, resulting in out-of-bounds array accesses (both reads and writes). Upstream fix: ------------- -> https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html Thank you. -- Prasad J Pandit / Red Hat Security Response Team
Current thread:
- CVE-2014-0223 Qemu: qcow1: Validate image size P J P (May 13)