CVE-2014-2894 in QEMUinfo

Summary

Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/17/2014

Disclosure

04/23/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
13008	Fabrice Bellard QEMU SMART EXECUTE OFFLINE core.c cmd_smart numeric error	189	Unproven	Official fix	CVE-2014-2894

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!