This bug was fixed in the package qemu - 2.0.0+dfsg-2ubuntu1.9 --------------- qemu (2.0.0+dfsg-2ubuntu1.9) trusty-security; urgency=medium
* SECURITY UPDATE: code execution via savevm data - debian/patches/CVE-2014-7840.patch: validate parameters in arch_init.c. - CVE-2014-7840 * SECURITY UPDATE: code execution via cirrus vga blit regions (LP: #1400775) - debian/patches/CVE-2014-8106.patch: properly validate blit regions in hw/display/cirrus_vga.c. - CVE-2014-8106 -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 10 Dec 2014 16:00:51 -0500 ** Changed in: qemu (Ubuntu Trusty) Status: Confirmed => Fix Released ** Changed in: qemu-kvm (Ubuntu Precise) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1400775 Title: CVE-2014-8106 insufficient blit region check To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1400775/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs