Launchpad.net

CVE 2014-7840

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

Related bugs and status

CVE-2014-7840 (Candidate) is related to these bugs:

Bug #1400775: CVE-2014-8106 insufficient blit region check

		In	Importance	Status
1400775	CVE-2014-8106 insufficient blit region check	qemu (Ubuntu)	Undecided	Fix Released
1400775	CVE-2014-8106 insufficient blit region check	qemu (Ubuntu Lucid)	Undecided	Invalid
1400775	CVE-2014-8106 insufficient blit region check	qemu (Ubuntu Utopic)	Undecided	Fix Released
1400775	CVE-2014-8106 insufficient blit region check	qemu (Ubuntu Precise)	Undecided	Invalid
1400775	CVE-2014-8106 insufficient blit region check	qemu (Ubuntu Vivid)	Undecided	Fix Released
1400775	CVE-2014-8106 insufficient blit region check	qemu (Ubuntu Trusty)	Undecided	Fix Released
1400775	CVE-2014-8106 insufficient blit region check	qemu-kvm (Ubuntu)	Undecided	Invalid
1400775	CVE-2014-8106 insufficient blit region check	qemu-kvm (Ubuntu Lucid)	Undecided	Fix Released
1400775	CVE-2014-8106 insufficient blit region check	qemu-kvm (Ubuntu Precise)	Undecided	Fix Released
1400775	CVE-2014-8106 insufficient blit region check	qemu-kvm (Ubuntu Trusty)	Undecided	Invalid
1400775	CVE-2014-8106 insufficient blit region check	qemu-kvm (Ubuntu Utopic)	Undecided	Invalid
1400775	CVE-2014-8106 insufficient blit region check	qemu-kvm (Ubuntu Vivid)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-7840

Related bugs and status

Related bugs

References