qemu -- Heap overflow in Cirrus emulation

Affected packages
qemu < 0.9.1_10
0.9.1s.20080101* <= qemu < 0.9.1s.20080620_2
qemu-devel < 0.9.1_10
0.9.1s.20080101* <= qemu-devel < 0.9.1s.20080620_2


VuXML ID 07bb3bd2-a920-11dd-8503-0211060005df
Discovery 2008-11-01
Entry 2008-11-02

Aurelien Jarno reports:

CVE-2008-4539: fix a heap overflow in Cirrus emulation

The code in hw/cirrus_vga.c has changed a lot between the time CVE-2007-1320 was announced and the time the patch was applied. As a consequence, it has been wrongly applied and QEMU is still vulnerable to this bug if using VNC.


CVE Name CVE-2008-4539