Quick Emulator(Qemu) built with the PS/2 keyboard and mouse emulation support along with the migration feature enabled is vulnerable to an information leakage flaw. It could occur while loading a migrated snapshot on the destination host in PS2 post_load routine. A privileged user could use this flaw to leak destination host memory bytes. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg06643.html Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/11/17/1
Acknowledgments: Name: Cyrille Chatras (Orange.com)
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1514150] Created xen tracking bugs for this issue: Affects: fedora-all [bug 1514149]