CVE-2012-3515
CVE-2012-3515
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=loghttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00016.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00027.html