An out-of-bounds memory access flaw was found in QEMU's ACPI PCI hotplug interface. It leads to corruption of QEMU's memory via an OOB write (4 bytes) and information disclosure (~12 bytes) through an OOB read. A user with a custom PCI device could use this flaw to leak the QEMU process's memory bytes or corrupt them on the host.

Upstream fix: https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html
Statement: This issue does not affect the versions of kvm package as shipped with Red Hat Enterprise Linux 5. This issue does not affect the versions of qemu-kvm package as shipped with Red Hat Enterprise Linux 6 and 7.
MITRE assigned CVE-2014-5388 to this issue: http://seclists.org/oss-sec/2014/q3/440
Acknowledgement: Red Hat would like to thank Michael S. Tsirkin for reporting this issue.
qemu-2.1.1-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.