FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qemu -- Heap overflow in Cirrus emulation

Affected packages
qemu < 0.9.1_10
0.9.1s.20080101* <= qemu < 0.9.1s.20080620_2
qemu-devel < 0.9.1_10
0.9.1s.20080101* <= qemu-devel < 0.9.1s.20080620_2

Details

VuXML ID 07bb3bd2-a920-11dd-8503-0211060005df
Discovery 2008-11-01
Entry 2008-11-02

Aurelien Jarno reports:

CVE-2008-4539: fix a heap overflow in Cirrus emulation

The code in hw/cirrus_vga.c has changed a lot between CVE-2007-1320 has been announced and the patch has been applied. As a consequence it has wrongly applied and QEMU is still vulnerable to this bug if using VNC.

References

CVE Name CVE-2008-4539
Message E1Kw4kF-0001Mx-KA@cvs.savannah.gnu.org