1. Home
  2. Vulnerabilities
  3. CVE-2014-0049

CVE-2014-0049

CVSS v2.0 7.4 (High)
74% Progress
EPSS 0.26 % (67th)
0.26% Progress
Affected Products 1
Advisories 51
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.

Weaknesses
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2014-03-11 13:01:06
(10 years ago)
Updated Date
2023-02-13 00:30:13
(19 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 3.13.6 version cpe:2.3:o:linux:linux_kernel < 3.13.6