qemu

• Author: kikadf
• Vulnerable: 1.5.2-3arcturus7
• Unaffected: 1.5.2-3arcturus8

Paolo Bonzini of Red Hat discovered that the blit region checks were insufficient in the Cirrus VGA emulator in qemu, a fast processor emulator. Invalid migration stream can cause arbitrary qemu memory overwrite.

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840