CVE-2014-8106

Published: 08/12/2014 Updated: 13/02/2023
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU prior to 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-1320.

Vulnerable Product

qemu qemu 2.1.0

qemu qemu 2.1.1

qemu qemu

Vendor Advisories

Debian Bug report logs - #772025 CVE-2014-8106: cirrus: insufficient blit region checks. Packages: qemu-system, qemu-kvm; Maintainer for qemu-system is Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>; Source for qemu-system is src:qemu (PTS, buildd, popcon); Maintainer for qemu-kvm is Debian QEMU Team <pkg-qemu-devel@lis ...
Several security issues were fixed in QEMU ...
Paolo Bonzini of Red Hat discovered that the blit region checks were insufficient in the Cirrus VGA emulator in qemu, a fast processor emulator. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileges to those of the qemu host process. For the stable distribution (wheezy), th ...
Paolo Bonzini of Red Hat discovered that the blit region checks were insufficient in the Cirrus VGA emulator in qemu-kvm, a full virtualization solution on x86 hardware. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileges to those of the qemu host process. For the stable ...