CVE request Qemu: out of bounds buffer access, guest triggerable via IDE SMART

[P J P <ppandit () redhat com>]

   Hello,

An out of bounds memory access flaw was found in Qemu's IDE device model. It 
leads to Qemu's memory corruption via buffer overwrite(4 bytes). It occurs 
while executing IDE SMART commands.

A guest's user could use this flaw to corrupt Qemu process's memory on the 
host.

Upstream fix:
-------------
  -> https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02016.html

Thank you.
--
Prasad J Pandit / Red Hat Security Response Team