« List of all CVEs

CVE-2014-8106

Published: 12/8/2014 Last updated: 8/6/2024 Reserved: 10/10/2014

Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (2)

conf-qemu-img nbd-tool

Products affected (2)

Product	Vendor	Version
n/a	n/a	4.2.0
n/a	n/a	< 5.9.0.169

References (72)