[Secure-testing-team] Bug#745157: guest-triggerable out-of-bounds buffer access via IDE SMART command (CVE-2014-2894)
Michael Tokarev
mjt at tls.msk.ru
Fri Apr 18 15:00:26 UTC 2014
Package: qemu-system, qemu-kvm
Version: 1.1.2+dfsg-1
Severity: serious
Tags: security upstream patch wheezy jessie
CVE-2014-2894, a guest-triggerable out of bounds memory access using
IDE SMART commands. This can lead to qemu process memory corruption
and potentially (unlikely) to invalid code execution with host qemu
process privileges.
Introduced past 2009. Qemu 0.12 (on squeeze, oldstable) is not affected,
wheezy/stable and current testing are affected, fixed in upstream 2.0
which is currently in sid.
/mjt
More information about the Secure-testing-team
mailing list