Unrated severityNVD Advisory· Published Nov 15, 2014· Updated Jun 17, 2026
CVE-2014-5388
CVE-2014-5388
Description
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- osv-coords2 versionspkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
< 2.0.2-48.22.1+ 1 more
- (no CPE)range: < 2.0.2-48.22.1
- (no CPE)range: < 2.0.2-48.22.1
Patches
Vulnerability mechanics
References
6- seclists.org/oss-sec/2014/q3/438nvdMailing ListPatchThird Party Advisory
- lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.htmlnvdPatchThird Party Advisory
- seclists.org/oss-sec/2014/q3/440nvdMailing ListThird Party Advisory
- www.ubuntu.com/usn/USN-2409-1nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- git.qemu.orgnvd
News mentions
0No linked articles in our index yet.