CVE-2014-5388 in QEMUinfo

Summary

Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/22/2014

Disclosure

11/15/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
67403	Fabrice Bellard QEMU ACPI PCI Hotplug memory corruption	119	Unproven	Official fix	CVE-2014-5388

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!