Source: qemu Version: 1:2.7+dfsg-3 Severity: important Tags: security upstream patch
Hi Quoting http://www.openwall.com/lists/oss-security/2016/12/06/2 > Hello, > > Quick Emulator built with the Virtio GPU Device emulator support is vulnerable > to an information leakage issue. It could occur while processing > 'VIRTIO_GPU_CMD_GET_CAPSET' command. > > A guest user/process could use this flaw to leak contents of the host memory > bytes. > > Upstream patch: > --------------- > -> http://lists.gnu.org/archive/html/qemu-devel/2016-11/msg00059.html A CVE assignment is pending yet. Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
