qemu

• Author: kikadf
• Vulnerable: 1.5.2-3arcturus3
• Unaffected: 1.5.2-3arcturus4

Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. Benoît Canet discovered that QEMU incorrectly handled SMART self-tests. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host.

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4544
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894