CVE-2014-3689
QEMU < 2.1.3 - Privilege Escalation via vmware-vga Rectangle Handling
Title source: llmDescription
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.
References (8)
Core 8
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62144
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/62143
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-3067
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2409-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/60923
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2014/dsa-3066
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/114397
Mailing List mailing-list
x_refsource_mlist
https://www.mail-archive.com/qemu-devel%40nongnu.org/msg261580.html
Scores
EPSS
0.0009
EPSS Percentile
25.3%
Details
CWE
CWE-269
Status
published
Products (6)
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
14.10
debian/debian_linux
7.0
qemu/qemu
< 2.1.3
Published
Nov 14, 2014
Tracked Since
Feb 18, 2026