CVE-2008-0928
CVE-2008-0928
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.htmlhttp://marc.info/?l=debian-security&m=120343592917055&w=2https://bugzilla.redhat.com/show_bug.cgi?id=433560http://secunia.com/advisories/29081http://secunia.com/advisories/29129http://secunia.com/advisories/29136http://secunia.com/advisories/29172http://secunia.com/advisories/29963http://secunia.com/advisories/34642http://secunia.com/advisories/35031https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9706https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00852.html