{"id":"CVE-2014-0150","details":"Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.","modified":"2026-04-16T06:15:35.404519788Z","published":"2014-04-18T14:55:25Z","related":["SUSE-SU-2015:0870-1","SUSE-SU-2015:0889-1","SUSE-SU-2015:1152-1","openSUSE-SU-2024:10233-1"],"references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/57878"},{"type":"ADVISORY","url":"http://secunia.com/advisories/58191"},{"type":"ADVISORY","url":"http://www.debian.org/security/2014/dsa-2909"},{"type":"ADVISORY","url":"http://www.debian.org/security/2014/dsa-2910"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2182-1"},{"type":"FIX","url":"http://thread.gmane.org/gmane.comp.emulators.qemu/266713"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1078846"},{"type":"WEB","url":"http://article.gmane.org/gmane.comp.emulators.qemu/266768"}],"schema_version":"1.7.5"}