QwikSec

Security Database

CVE

CWE

Training

CVE-2014-8106

Published: Dec 8, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20141204 CVE-2014-8106 qemu: cirrus: insufficient blit region checks

mailing-list

x_refsource_MLIST

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=bf25983345ca44aec3dd92c57142be45452bd38a

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

FEDORA-2015-5482

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

qemu-cve20148106-sec-bypass(99126)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

[Qemu-devel] 20141204 [PULL for-2.2 0/2] cirrus: fix blit region check (cve-2014-8106)

mailing-list

x_refsource_MLIST

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d3532a0db02296e687711b8cdc7791924efccea0

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

http://support.citrix.com/article/CTX200892

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.