Quick emulator(Qemu) built with the USB redirector support is vulnerable to a stack buffer overflow flaw. It could occur while logging debug messages when the debug mode is enabled in the device. A user/process could use this flaw to crash the Qemu process on the host resulting in DoS. Upstream patch: --------------- -> https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/07/07/1
Acknowledgments: Name: Li Qiang (Qihoo 360 Gear Team)
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1468497]
qemu-2.7.1-7.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.