[Secure-testing-team] Bug#769451: qemu: CVE-2014-7840: insufficient parameter validation during ram load
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 13 17:39:25 UTC 2014
Source: qemu
Version: 1.1.2+dfsg-6a
Severity: important
Tags: security upstream
Hi Debian QEMU team,
the following vulnerability was published for qemu, choosed important
severity but actually might be downgraded to normal.
CVE-2014-7840[0]:
insufficient parameter validation during ram load
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2014-7840
[1] http://thread.gmane.org/gmane.comp.emulators.qemu/306117
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list