[v3.0] qemu: holes in the bochs dispi interface parameter checking (CVE-2014-3615)
An information leakage flaw was found in Qemu’s VGA emulator. It could lead to leaking host memory bytes to a VNC client. It could occur when a guest GOP driver attempts to set a high display resolution.
A privileged user/program able to set such high resolution could use this flaw to leak host memory bytes.
Fixed in qemu-2.1.1. All previous versions seems to be fully or partially vulnerable.
(from redmine: issue id 3382, created on 2014-09-24, closed on 2015-08-05)
- parent #3378 (closed)
- Revision 9e73c36e by Natanael Copa on 2014-10-03T08:43:58Z:
main/qemu: security upgrade to 2.1.2 (CVE-2014-3615) fixes #3382