CVE-2014-9718 | Date: (C)2015-04-24 (M)2024-04-19 |
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 4.9 |
Exploit Score: 3.9 |
Impact Score: 6.9 |
|
CVSS V2 Metrics: |
Access Vector: LOCAL |
Access Complexity: LOW |
Authentication: NONE |
Confidentiality: NONE |
Integrity: NONE |
Availability: COMPLETE |
| |