Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9
File System(9pfs) support, is vulnerable to an information disclosure issue.
It could occur while accessing extended attributes of a file due to a race
A user inside guest could use this flaw to disclose uninitialised heap
memory contents on the host.
Name: Tuomas Tynkkynen
Created qemu tracking bugs for this issue:
Affects: fedora-all [bug 1499111]
qemu-2.9.1-2.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
qemu-2.10.1-1.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.