CVE-2014-0077
First published: Wed Feb 12 2014(Updated: )
A flaw was found in the way handle_rx() function handled big packets when mergeable buffers were disabled. A privileged user in the guest could use this flaw to crash the host, or, potentially, escalate their privileges to the ones of the hosting qemu process by corrupting qemu memory. Acknowledgements: This issue was discovered by Michael S. Tsirkin of Red Hat.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | <3.13.10 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8316f3991d207fe32881a9ac20241be8fa2bad0
- http://secunia.com/advisories/59386
- http://secunia.com/advisories/59599
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10
- http://www.securityfocus.com/bid/66678
- https://bugzilla.redhat.com/show_bug.cgi?id=1064440
- https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0
- https://launchpad.net/bugs/cve/CVE-2014-0077
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1064102
- http://article.gmane.org/gmane.linux.network/311012
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1081504
- https://rhn.redhat.com/errata/RHSA-2014-0475.html
- https://rhn.redhat.com/errata/RHSA-2014-0593.html
- https://rhn.redhat.com/errata/RHSA-2014-0634.html
- https://rhn.redhat.com/errata/RHSA-2014-0629.html
- https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
- https://security-tracker.debian.org/tracker/CVE-2014-0077
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0077
- https://nvd.nist.gov/vuln/detail/CVE-2014-0077
- https://ubuntu.com/security/CVE-2014-0077
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-0077
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/remedy
- agent/description
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- vendor/linux
- canonical/linux linux kernel
- package-manager/debian