Bug 507796 (CVE-2014-0150) - <app-emulation/qemu-2.0.0: virtio-net "virtio_net_handle_mac()" Integer Overflow Vulnerability (CVE-2014-0150)
Alias: CVE-2014-0150
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Whiteboard: B1 [glsa]
Depends on:
Blocks: CVE-2014-2894
Reported: 2014-04-16 07:53 UTC by Agostino Sarubbo
Modified: 2014-08-31 11:31 UTC

Description Agostino Sarubbo gentoo-dev 2014-04-16 07:53:01 UTC
From ${URL} :


A vulnerability has been reported in Qemu, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

The vulnerability is caused due to an integer overflow error in the "virtio_net_handle_mac()" function (hw/net/virtio-net.c), which can be exploited to cause a heap-based buffer overflow.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions 0.6 through 1.7.1.

Fixed in the source code repository.

Further details available to Secunia VIM customers

Provided and/or discovered by:
Michael S. Tsirkin, Red Hat via the gmane.comp.emulators.qemu newsgroup.

Original Advisory:
Michael S. Tsirkin:

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2014-04-24 17:30:58 UTC
I've verified that this is fixed in app-emulation/qemu-2.0.0.
Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2014-04-24 17:34:20 UTC
Qemu-Guys: is qemu-2.0.0 ready for stabilization?
Comment 3 SpanKY gentoo-dev 2014-04-30 21:03:47 UTC
let's give it ~30 days and stabilize it
Comment 4 SpanKY gentoo-dev 2014-05-31 15:34:04 UTC
ok, let's start stabilizing qemu-2.0.0
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2014-05-31 15:36:22 UTC
CVE-2014-0150:
  Integer overflow in the virtio_net_handle_mac function in
  hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to
  execute arbitrary code via a MAC addresses table update request, which
  triggers a heap-based buffer overflow.
Comment 6 Agostino Sarubbo gentoo-dev 2014-06-04 16:04:38 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2014-06-04 16:05:00 UTC
x86 stable
Comment 8 Agostino Sarubbo gentoo-dev 2014-06-05 15:21:49 UTC
ppc and ppc64 have no stable keyword.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 9 Yury German Gentoo Infrastructure gentoo-dev 2014-06-14 02:34:59 UTC
Arches, Thank you for your work
Maintainer(s), please drop the vulnerable version.

New GLSA Request filed.
Comment 10 Agostino Sarubbo gentoo-dev 2014-08-26 13:13:07 UTC
cleanup done
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2014-08-31 11:31:12 UTC
This issue was resolved and addressed in GLSA 201408-17 by GLSA coordinator Kristian Fiskerstrand (K_F).