CVE-2014-8106 in Fabrice Bellard QEMU
Summary
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.
Reservation
10/10/2014
Disclosure
12/08/2014
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 68346 | Fabrice Bellard QEMU cirrus_vga.c memory corruption | 119 | Unproven | Official fix | CVE-2014-8106 |