CVE-2015-5225

Priority
Description
Buffer overflow in the vnc_refresh_server_surface function in the VNC
display driver in QEMU before 2.4.0.1 allows guest users to cause a denial
of service (heap memory corruption and process crash) or possibly execute
arbitrary code on the host via unspecified vectors, related to refreshing
the server display surface.
Assigned-to
mdeslaur
Notes
mdeslaurintroduced by:
http://git.qemu.org/?p=qemu.git;a=commit;h=bea60dd7679364493a0d7f5b
so precise and trusty are not affected
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Patches:
Other:https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
More Information

Updated: 2019-12-05 18:42:19 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)