Lucene search
PRIOn knowledge basePRION:CVE-2014-7840HistoryDec 12, 2014 - 3:59 p.m.
Design/Logic Flaw
2014-12-1215:59:00
PRIOn knowledge base
www.prio-n.com
6
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.
References
git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=0be839a2701369f669532ea5884c15bead1c6e08
rhn.redhat.com/errata/RHSA-2015-0349.html
rhn.redhat.com/errata/RHSA-2015-0624.html
thread.gmane.org/gmane.comp.emulators.qemu/306117
bugzilla.redhat.com/show_bug.cgi?id=1163075
exchange.xforce.ibmcloud.com/vulnerabilities/99194
Related
nessus
nessus
Fedora 21 : qemu-2.1.2-7.fc21 (2014-16075)
2014-12-15 00:00:00
Fedora 20 : qemu-1.6.2-12.fc20 (2014-16626)
2014-12-26 00:00:00
Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2439-1)
2014-12-15 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:12:35
cvelist
cvelist
CVE-2014-7840
2014-12-12 15:00:00
openvas
openvas
Fedora Update for qemu FEDORA-2014-16075
2015-01-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0349-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-2439-1)
2022-08-26 00:00:00
cve
cve
CVE-2014-7840
2014-12-12 15:59:08
debiancve
debiancve
CVE-2014-7840
2014-12-12 15:59:08
fedora
fedora
[SECURITY] Fedora 21 Update: qemu-2.1.2-7.fc21
2014-12-12 04:26:41
[SECURITY] Fedora 21 Update: qemu-2.1.3-5.fc21
2015-04-13 07:05:24
[SECURITY] Fedora 21 Update: qemu-2.1.3-7.fc21
2015-05-17 06:38:09
nvd
nvd
CVE-2014-7840
2014-12-12 15:59:08
ubuntucve
ubuntucve
CVE-2014-7840
2014-11-14 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2014-12-11 00:00:00
mageia
mageia
Updated qemu packages fix security vulnerabilities
2014-12-13 23:16:05
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2014-12-24 00:00:00
centos
centos
libcacard, qemu security update
2015-03-17 13:29:43
redhat
redhat
oraclelinux
oraclelinux
qemu-kvm security, bug fix, and enhancement update
2015-03-11 00:00:00