CVE-2014-5388

Priority
Description
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface
(hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive
information and have other unspecified impact related to a crafted PCI
device that triggers memory corruption.
Notes
 mdeslaur> introduced in 1.7.x by
 mdeslaur> http://git.qemu.org/?p=qemu.git;a=commit;h=db4728e6fec0364b866d3106125974eedc00e091
Assigned-to
mdeslaur
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.7)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-19 12:15:28 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)