qemu
Page content
- Vulnerable: 0.9.1-2
- Unaffected: 0.9.1-3kalgan1
A vulnerability has been reported in QEMU, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to the “drive_init()” function in vl.c determining the format of a disk from data contained in the disk’s header. This can be exploited by a malicious user in a guest system to e.g. read arbitrary files on the host by writing a fake header to a raw formatted disk image.
- Bug Tracker URL: http://bugs.frugalware.org/task/3043