Quick Emulator(Qemu) built with the keyboard input event handlers support is
vulnerable to a host memory leakage issue. It could occur if a guest user was
to generate large keyboard events, faster than Qemu could process them.
A privileged user inside guest could use this flaw to exhaust host memory,
resulting in DoS.
Name: Jiang Xin (Huawei PSIRT)
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1446561]
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1446560]
upstream pull request sent.
qemu-2.7.1-7.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products:
Red Hat OpenStack Platform 10.0 (Newton)
Red Hat OpenStack Platform 11.0 (Ocata)
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7
Red Hat OpenStack Platform 8.0 (Liberty)
Red Hat OpenStack Platform 9.0 (Mitaka)
Via RHSA-2017:2408 https://access.redhat.com/errata/RHSA-2017:2408