CVE-2014-0049
Summary
| CVE | CVE-2014-0049 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-03-11 13:01:06 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
AdjacentAccess Complexity
MediumAuthentication
SingleConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:A/AC:M/Au:S/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| oss-security - CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Patch, Third Party Advisory |
| git.kernel.org | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | |
| Bug 1062368 – CVE-2014-0049 kernel: kvm: mmio_fragments out-of-the-bounds access | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | Issue Tracking, Patch, Third Party Advisory |
| www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6 | af854a3a-2127-422b-91ae-364da2661108 | www.kernel.org | Release Notes, Vendor Advisory |
| kvm: x86: fix emulator buffer overflow (CVE-2014-0049) · torvalds/linux@a08d3b3 · GitHub | af854a3a-2127-422b-91ae-364da2661108 | github.com | Patch, Third Party Advisory |
| kernel/git/torvalds/linux.git - Linux kernel source tree | MITRE | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.