Quick Emulator(Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while repeatedly hot-plugging and unplugging 'chardev' device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05597.html -> http://git.qemu.org/?p=qemu.git;a=commitdiff;h=a4afa548fc6dd9842ed86639b4d37d4d1c4ad480 Reference: ---------- -> http://www.openwall.com/lists/oss-security/2016/12/08/11
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1402968]
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1402972]
Acknowledgments: Name: Li Qiang (360.cn Inc.)