CVE-2014-8106
CVE-2014-8106
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=bf25983345ca44aec3dd92c57142be45452bd38ahttp://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d3532a0db02296e687711b8cdc7791924efccea0http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154656.htmlhttp://lists.gnu.org/archive/html/qemu-devel/2014-12/msg00508.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0349.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0624.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0643.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0795.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0867.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0868.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0891.htmlhttp://secunia.com/advisories/60364