Vulnerability in QEMU Block Drivers: Remote Code Execution

Vulnerability in QEMU Block Drivers: Remote Code Execution

CVE-2014-0144 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.

Learn more about our User Device Pen Test.