Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-7840HistoryDec 12, 2014 - 3:59 p.m.
CVE-2014-7840
2014-12-1215:59:00
Debian Security Bug Tracker
security-tracker.debian.org
13
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.079 Low
EPSS
Percentile
94.2%
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | qemu | < 2.1+dfsg-8 | qemu_2.1+dfsg-8_all.deb |
| Debian | 11 | all | qemu | < 2.1+dfsg-8 | qemu_2.1+dfsg-8_all.deb |
| Debian | 10 | all | qemu | < 2.1+dfsg-8 | qemu_2.1+dfsg-8_all.deb |
| Debian | 999 | all | qemu | < 2.1+dfsg-8 | qemu_2.1+dfsg-8_all.deb |
| Debian | 13 | all | qemu | < 2.1+dfsg-8 | qemu_2.1+dfsg-8_all.deb |
Related
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:12:35
nessus
nessus
Fedora 21 : qemu-2.1.2-7.fc21 (2014-16075)
2014-12-15 00:00:00
Fedora 20 : qemu-1.6.2-12.fc20 (2014-16626)
2014-12-26 00:00:00
Mandriva Linux Security Advisory : qemu (MDVSA-2014:249)
2014-12-15 00:00:00
prion
prion
Design/Logic Flaw
2014-12-12 15:59:00
fedora
fedora
[SECURITY] Fedora 21 Update: qemu-2.1.2-7.fc21
2014-12-12 04:26:41
[SECURITY] Fedora 21 Update: qemu-2.1.3-5.fc21
2015-04-13 07:05:24
[SECURITY] Fedora 21 Update: qemu-2.1.3-7.fc21
2015-05-17 06:38:09
ubuntucve
ubuntucve
CVE-2014-7840
2014-11-14 00:00:00
openvas
openvas
Fedora Update for qemu FEDORA-2014-16075
2015-01-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0349-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-2439-1)
2022-08-26 00:00:00
cve
cve
CVE-2014-7840
2014-12-12 15:59:00
mageia
mageia
Updated qemu packages fix security vulnerabilities
2014-12-13 23:16:05
ubuntu
ubuntu
QEMU vulnerabilities
2014-12-11 00:00:00
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2014-12-24 00:00:00
redhat
redhat
centos
centos
libcacard, qemu security update
2015-03-17 13:29:43
oraclelinux
oraclelinux
qemu-kvm security, bug fix, and enhancement update
2015-03-11 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.079 Low
EPSS
Percentile
94.2%
Related for DEBIANCVE:CVE-2014-7840