{"id":"CVE-2014-2894","details":"Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption.","modified":"2026-01-27T04:12:38.641059Z","published":"2014-04-23T15:55:05Z","withdrawn":"2026-01-27T04:12:38.641059Z","related":["SUSE-SU-2015:0870-1","SUSE-SU-2015:0889-1","SUSE-SU-2015:1152-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-0704.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-0743.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-0744.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/57945"},{"type":"ADVISORY","url":"http://secunia.com/advisories/58191"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2182-1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2014/04/15/4"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2014/04/18/5"},{"type":"WEB","url":"http://www.securityfocus.com/bid/66932"},{"type":"WEB","url":"https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02016.html"},{"type":"WEB","url":"https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02095.html"},{"type":"WEB","url":"https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02152.html"}],"schema_version":"1.7.3"}