I don't know what Ubuntu's position is, but note that for upstream QEMU this is *not* a security issue. The security policy https://www.qemu.org/docs/master/system/security.html is clear that we only consider the virtualization accelerators like KVM or HVF to be in scope, and TCG is out of scope. For us this is "just another TCG bug" and we fixed it as such.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2138885 Title: iret security issue To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/2138885/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
