This bug was fixed in the package qemu - 2.1+dfsg-7ubuntu5
---
qemu (2.1+dfsg-7ubuntu5) vivid; urgency=medium
* SECURITY UPDATE: code execution via savevm data
- debian/patches/CVE-2014-7840.patch: validate parameters in
arch_init.c.
- CVE-2014-7840
* SECURITY UPDATE
This bug was fixed in the package qemu-kvm - 1.0+noroms-0ubuntu14.21
---
qemu-kvm (1.0+noroms-0ubuntu14.21) precise-security; urgency=medium
* SECURITY UPDATE: code execution via savevm data
- debian/patches/CVE-2014-7840.patch: validate parameters in
arch_init.c.
- CV
This bug was fixed in the package qemu - 2.0.0+dfsg-2ubuntu1.9
---
qemu (2.0.0+dfsg-2ubuntu1.9) trusty-security; urgency=medium
* SECURITY UPDATE: code execution via savevm data
- debian/patches/CVE-2014-7840.patch: validate parameters in
arch_init.c.
- CVE-2014-7840
This bug was fixed in the package qemu-kvm - 0.12.3+noroms-0ubuntu9.26
---
qemu-kvm (0.12.3+noroms-0ubuntu9.26) lucid-security; urgency=medium
* SECURITY UPDATE: code execution via cirrus vga blit regions
(LP: #1400775)
- debian/patches/CVE-2014-8106.patch: properly validate
This bug was fixed in the package qemu - 2.1+dfsg-4ubuntu6.3
---
qemu (2.1+dfsg-4ubuntu6.3) utopic-security; urgency=medium
* SECURITY UPDATE: code execution via savevm data
- debian/patches/CVE-2014-7840.patch: validate parameters in
arch_init.c.
- CVE-2014-7840
* S
** Also affects: qemu (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: qemu (Ubuntu Utopic)
Importance: Undecided
Status: New
** Also affects: qemu (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: qemu (Ubuntu Vivid)
Importance
Made this public as the links to which it refers are public.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1400775
Title:
CVE-20