A flaw was found in the way guest provided parameter validation was performed
in vmware-vga driver in rectangle handling functionality.
A privileged guest user could use this flaw to write into qemu address space
on the host, pontentially escalating their privileges to that of qemu host
Proposed upstream fix:
Red Hat would like to thank the Advanced Threat Research team at Intel Security for reporting this issue.
This issue does not affect the qemu packages as shipped with Red Hat Enterprise
Linux 5, 6 and 7.
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1153038]