What is the severity of CVE-2014-9718?

CVE-2014-9718 has been classified as high severity due to its potential to cause denial of service on host systems.

How do I fix CVE-2014-9718?

To fix CVE-2014-9718, upgrade to a patched version of QEMU, specifically versions after 2.1.3.

What versions of QEMU are affected by CVE-2014-9718?

CVE-2014-9718 affects QEMU versions from 1.0 through 2.1.3.

How does CVE-2014-9718 affect QEMU users?

CVE-2014-9718 allows guest OS users to exploit weaknesses that lead to memory consumption or infinite loops on the host.

Is CVE-2014-9718 specific to any operating system?

CVE-2014-9718 is not limited to a specific operating system; it affects any host running the vulnerable versions of QEMU.

Vulnerability/
CVE-2014-9718

medium

4.9

CWE

399

21/4/2015

13/2/2023

CVE-2014-9718

First published: Tue Apr 21 2015(Updated: )

The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Debian Debian Linux	=8.0
QEMU KVM	=1.0
QEMU KVM	=1.0-rc1
QEMU KVM	=1.0-rc2
QEMU KVM	=1.0-rc3
QEMU KVM	=1.0-rc4
QEMU KVM	=1.0.1
QEMU KVM	=1.1
QEMU KVM	=1.1-rc1
QEMU KVM	=1.1-rc2
QEMU KVM	=1.1-rc3
QEMU KVM	=1.1-rc4
QEMU KVM	=1.4.1
QEMU KVM	=1.4.2
QEMU KVM	=1.5.0
QEMU KVM	=1.5.0-rc1
QEMU KVM	=1.5.0-rc2
QEMU KVM	=1.5.0-rc3
QEMU KVM	=1.5.1
QEMU KVM	=1.5.2
QEMU KVM	=1.5.3
QEMU KVM	=1.6.0
QEMU KVM	=1.6.0-rc1
QEMU KVM	=1.6.0-rc2
QEMU KVM	=1.6.0-rc3
QEMU KVM	=1.6.1
QEMU KVM	=1.6.2
QEMU KVM	=1.7.1
QEMU KVM	=2.0.0
QEMU KVM	=2.0.0-rc0
QEMU KVM	=2.0.0-rc1
QEMU KVM	=2.0.0-rc2
QEMU KVM	=2.0.0-rc3
QEMU KVM	=2.0.2
QEMU KVM	=2.1.0
QEMU KVM	=2.1.0-rc0
QEMU KVM	=2.1.0-rc1
QEMU KVM	=2.1.0-rc2
QEMU KVM	=2.1.0-rc3
QEMU KVM	=2.1.0-rc5
QEMU KVM	=2.1.1
QEMU KVM	=2.1.2
QEMU KVM	=2.1.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-9718?
CVE-2014-9718 has been classified as high severity due to its potential to cause denial of service on host systems.
How do I fix CVE-2014-9718?
To fix CVE-2014-9718, upgrade to a patched version of QEMU, specifically versions after 2.1.3.
What versions of QEMU are affected by CVE-2014-9718?
CVE-2014-9718 affects QEMU versions from 1.0 through 2.1.3.
How does CVE-2014-9718 affect QEMU users?
CVE-2014-9718 allows guest OS users to exploit weaknesses that lead to memory consumption or infinite loops on the host.
Is CVE-2014-9718 specific to any operating system?
CVE-2014-9718 is not limited to a specific operating system; it affects any host running the vulnerable versions of QEMU.

agent/weakness
agent/severity
agent/references
agent/author
agent/type
agent/tags
agent/event
agent/description
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/debian
canonical/debian debian linux
version/debian debian linux/8.0
vendor/qemu
canonical/qemu kvm
version/qemu kvm/1.0
version/qemu kvm/1.0-rc1
version/qemu kvm/1.0-rc2
version/qemu kvm/1.0-rc3
version/qemu kvm/1.0-rc4
version/qemu kvm/1.0.1
version/qemu kvm/1.1
version/qemu kvm/1.1-rc1
version/qemu kvm/1.1-rc2
version/qemu kvm/1.1-rc3
version/qemu kvm/1.1-rc4
version/qemu kvm/1.4.1
version/qemu kvm/1.4.2
version/qemu kvm/1.5.0
version/qemu kvm/1.5.0-rc1
version/qemu kvm/1.5.0-rc2
version/qemu kvm/1.5.0-rc3
version/qemu kvm/1.5.1
version/qemu kvm/1.5.2
version/qemu kvm/1.5.3
version/qemu kvm/1.6.0
version/qemu kvm/1.6.0-rc1
version/qemu kvm/1.6.0-rc2
version/qemu kvm/1.6.0-rc3
version/qemu kvm/1.6.1
version/qemu kvm/1.6.2
version/qemu kvm/1.7.1
version/qemu kvm/2.0.0
version/qemu kvm/2.0.0-rc0
version/qemu kvm/2.0.0-rc1
version/qemu kvm/2.0.0-rc2
version/qemu kvm/2.0.0-rc3
version/qemu kvm/2.0.2
version/qemu kvm/2.1.0
version/qemu kvm/2.1.0-rc0
version/qemu kvm/2.1.0-rc1
version/qemu kvm/2.1.0-rc2
version/qemu kvm/2.1.0-rc3
version/qemu kvm/2.1.0-rc5
version/qemu kvm/2.1.1
version/qemu kvm/2.1.2
version/qemu kvm/2.1.3

Frequently Asked Questions

What is the severity of CVE-2014-9718?
CVE-2014-9718 has been classified as high severity due to its potential to cause denial of service on host systems.
How do I fix CVE-2014-9718?
To fix CVE-2014-9718, upgrade to a patched version of QEMU, specifically versions after 2.1.3.
What versions of QEMU are affected by CVE-2014-9718?
CVE-2014-9718 affects QEMU versions from 1.0 through 2.1.3.
How does CVE-2014-9718 affect QEMU users?
CVE-2014-9718 allows guest OS users to exploit weaknesses that lead to memory consumption or infinite loops on the host.
Is CVE-2014-9718 specific to any operating system?
CVE-2014-9718 is not limited to a specific operating system; it affects any host running the vulnerable versions of QEMU.

CVE-2014-9718

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-9718?

How do I fix CVE-2014-9718?

What versions of QEMU are affected by CVE-2014-9718?

How does CVE-2014-9718 affect QEMU users?

Is CVE-2014-9718 specific to any operating system?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-9718?

How do I fix CVE-2014-9718?

What versions of QEMU are affected by CVE-2014-9718?

How does CVE-2014-9718 affect QEMU users?

Is CVE-2014-9718 specific to any operating system?