CVE-2014-7840

EPSS 2.5%

發布日:2014/12/12修改日:2026/4/28

描述

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

受影響套件(1)

Debian/qemufrom 0, < 2.1+dfsg-8

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-7840