UBUNTU-CVE-2014-8106

Advisory lineage Upstream: 1 Downstream: 1
Upstream
CVE-2014-8106
Downstream
USN-2439-1
Published: 08 Dec 2014, 00:00
Last modified:04 Feb 2026, 03:19

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

08 Dec 2014, 00:00
Published
Vulnerability first disclosed
04 Feb 2026, 03:19
Last Modified
Vulnerability information updated

Description

Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.

Affected Systems

  • ubuntuqemu

    < 2.0.0+dfsg-2ubuntu1.9

References (4)