Re: [DSA 1799-1] New qemu packages fix several vulnerabilities
On 2009-05-12, Faidon Liambotis <paravoid@debian.org> wrote:
> Moritz Muehlenhoff wrote:
>> Package : qemu
>> Vulnerability : several
>> Problem-Type : local
>> Debian-specific: no
>> CVE ID : CVE-2008-0928 CVE-2008-4539 CVE-2008-1945
>>
>> Several vulnerabilities have been discovered in the QEMU processor
>> emulator. The Common Vulnerabilities and Exposures project identifies the
>> following problems:
><snip>
>
> Are KVM and/or Xen HVM hosts affected by this?
> Should those VMs be restarted to avoid escaping from the guest to the host?
KVM and Xen embed a forked copy of qemu. This update is for the standalone
Qemu only.
Cheers,
Moritz
Reply to: