Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. This issue only applied to Ubuntu 13.10 and Ubuntu 14.04 LTS. (CVE-2013-4544)
Michael S. Tsirkin discovered that QEMU incorrectly handled virtio-net MAC addresses. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. (CVE-2014-0150)
Benoît Canet discovered that QEMU incorrectly handled SMART self-tests. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. (CVE-2014-2894)
{ "availability": "No subscription required", "binaries": [ { "qemu-system-misc": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-guest-agent": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-utils": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-user": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-kvm": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system-aarch64": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-user-static": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system-arm": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system-x86": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system-ppc": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system-common": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-keymaps": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system-sparc": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-system-mips": "2.0.0~rc1+dfsg-0ubuntu3.1", "qemu-common": "2.0.0~rc1+dfsg-0ubuntu3.1" } ] }