QEMU through version 2.10 through to 3.1.0 is vulnerable to an out-of-bounds read
of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker
with permission to execute i2c commands could exploit this to read stack memory
of the qemu process on the host.
Systems without a monitor connected are affected, a virtual monitor is presented
to virtual guests. Systems with no graphics cards attached to the virtual host
are not affected.
Name: Michael Hanselmann (hansmi.ch)
Created qemu tracking bugs for this issue:
Affects: epel-all [bug 1678082]
Affects: fedora-all [bug 1678081]