{"id":"CVE-2014-8106","details":"Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.","modified":"2026-04-16T01:40:16.686196703Z","published":"2014-12-08T16:59:01Z","withdrawn":"2026-01-27T04:13:22.793133Z","related":["SUSE-SU-2015:0349-1","SUSE-SU-2015:0357-1","SUSE-SU-2017:0582-1","SUSE-SU-2017:0647-1","SUSE-SU-2017:0718-1","openSUSE-SU-2024:11287-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-0349.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-0624.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-0643.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-0795.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-0867.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-0868.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2015-0891.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/60364"},{"type":"ADVISORY","url":"http://www.debian.org/security/2014/dsa-3087"},{"type":"ADVISORY","url":"http://www.debian.org/security/2014/dsa-3088"},{"type":"WEB","url":"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=bf25983345ca44aec3dd92c57142be45452bd38a"},{"type":"WEB","url":"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d3532a0db02296e687711b8cdc7791924efccea0"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154656.html"},{"type":"WEB","url":"http://lists.gnu.org/archive/html/qemu-devel/2014-12/msg00508.html"},{"type":"WEB","url":"http://support.citrix.com/article/CTX200892"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2014/12/04/8"},{"type":"WEB","url":"http://www.securityfocus.com/bid/71477"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/99126"}],"schema_version":"1.7.3"}