QEMU Integer Overflow Vulnerability in qcow_open Function

QEMU Integer Overflow Vulnerability in qcow_open Function

CVE-2014-0223 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.

Learn more about our User Device Pen Test.