CVE-2014-2894

Priority
Medium
Description
Off-by-one error in the cmd_smart function in the smart self test in
hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified
impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow
and memory corruption.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):released (1.0+noroms-0ubuntu14.14)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (2.0.0~rc1+dfsg-0ubuntu3.1)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=940973ae0b45c9b6817bab8e4cf4df99a9ef83d7
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:42:32 UTC (commit 9756)