CVE-2014-5388

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue is related to an off-by-one error in the pci read function within the ACPI PCI hotplug interface. This error can be triggered by a crafted PCI device, leading to memory corruption. As a result, local guest users may be able to obtain sensitive information and potentially have other unspecified impacts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-193

Related Identifiers

ALT-PU-2014-2465

CVE-2014-5388

SUSE-SU-2016:2781-1

SUSE-SU-2016_2781-1

USN-2409-1

Affected Products

Alt Linux

Qemu

Suse

Ubuntu

CVE-2014-5388

Weakness Enumeration

Related Identifiers

Affected Products

References · 107