7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.891 High
EPSS
Percentile
98.7%
The Advanced Threat Research team at Intel Security reported that guest provided parameter were insufficiently validated in rectangle functions in the vmware-vga driver. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileges to those of the qemu host process (CVE-2014-3689). It was discovered that QEMU incorrectly handled USB xHCI controller live migration. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code (CVE-2014-5263). James Spadaro of Cisco reported insufficiently sanitized bits_per_pixel from the client in the QEMU VNC display driver. An attacker having access to the guest’s VNC console could use this flaw to crash the guest (CVE-2014-7815). Additionally, the qemu update in MGASA-2014-0426 did not have USB redirection support because Qemu 1.6.2 requires an updated libusbredirparser library. This update has been built against the updated usbredirparser library.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | qemu | < 1.6.2-1.5 | qemu-1.6.2-1.5.mga4 |
Mageia | 4 | noarch | usbredir | < 0.6-1 | usbredir-0.6-1.mga4 |