{"id":"MGASA-2014-0467","summary":"Updated qemu packages fix security vulnerabilities","details":"The Advanced Threat Research team at Intel Security reported that guest\nprovided parameter were insufficiently validated in rectangle functions in\nthe vmware-vga driver. A privileged guest user could use this flaw to write\ninto qemu address space on the host, potentially escalating their privileges\nto those of the qemu host process (CVE-2014-3689).\n\nIt was discovered that QEMU incorrectly handled USB xHCI controller live\nmigration. An attacker could possibly use this issue to cause a denial of\nservice, or possibly execute arbitrary code (CVE-2014-5263).\n\nJames Spadaro of Cisco reported insufficiently sanitized bits_per_pixel from\nthe client in the QEMU VNC display driver. An attacker having access to the\nguest's VNC console could use this flaw to crash the guest (CVE-2014-7815).\n\nAdditionally, the qemu update in MGASA-2014-0426 did not have USB redirection\nsupport because Qemu 1.6.2 requires an updated libusbredirparser library.\nThis update has been built against the updated usbredirparser library.\n","modified":"2026-04-16T01:46:30.368008740Z","published":"2014-11-21T12:44:16Z","upstream":["CVE-2014-3689","CVE-2014-5263","CVE-2014-7815"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0467.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14434"},{"type":"ADVISORY","url":"http://advisories.mageia.org/MGASA-2014-0426.html"},{"type":"WEB","url":"https://www.debian.org/security/2014/dsa-3066"},{"type":"WEB","url":"http://www.ubuntu.com/usn/usn-2409-1/"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143312.html"}],"affected":[{"package":{"name":"qemu","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/qemu?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.2-1.5.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0467.json"}},{"package":{"name":"usbredir","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/usbredir?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0467.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}