CVE-2014-5388

Priority
Description
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface
(hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive
information and have other unspecified impact related to a crafted PCI
device that triggers memory corruption.
Assigned-to
mdeslaur
Notes
mdeslaurintroduced in 1.7.x by
http://git.qemu.org/?p=qemu.git;a=commit;h=db4728e6fec0364b866d3106125974eedc00e091
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.7)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
More Information

Updated: 2020-07-28 19:52:30 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)