Quick Emulator(Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_SET_SCANOUT:' command. A guest user/process could use this flaw to leak host memory resulting in Dos. Upstream patch: --------------- -> http://git.qemu.org/?p=qemu.git;a=commitdiff;h=dd248ed7e204ee8a1873914e02b8b526e8f1b80d Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/05/19/1
Acknowledgments: Name: Li Qiang (Qihoo 360 Gear Team)
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1452598]
qemu-2.7.1-7.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.