The qcow2_open function in block/qcow2.c in QEMU prior to 1.7.2 and 2.x prior to 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image that causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields.
Vulnerable Product |
---|
qemu qemu |
qemu qemu 2.0.0 |