Computer Security
[EN] securityvulns.ru no-pyccku


qemu multiple security vulnerabilities
updated since 13.10.2014
Published:08.12.2014
Source:
SecurityVulns ID:14003
Type:local
Threat Level:
6/10
Description:Multiple memory corruptions, DoS, information leakage.
Affected:QEMU : qemu 1.1
CVE:CVE-2014-8106 (Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.)
 CVE-2014-7815 (The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.)
 CVE-2014-3689 (The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.)
 CVE-2014-3640 (The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.)
 CVE-2014-3615 (The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.)
 CVE-2014-0223 (Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.)
 CVE-2014-0222 (Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.)
 CVE-2014-0147
 CVE-2014-0146
 CVE-2014-0145
 CVE-2014-0144
 CVE-2014-0143
 CVE-2014-0142
Original documentdocumentDEBIAN, [SECURITY] [DSA 3087-1] qemu security update (08.12.2014)
 documentDEBIAN, [SECURITY] [DSA 3066-1] qemu security update (10.11.2014)
 documentDEBIAN, [SECURITY] [DSA 3045-1] qemu security update (13.10.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod