Debian Linux Security Advisory 3088-1 – Paolo Bonzini of Red Hat discovered that the blit region checks were insufficient in the Cirrus VGA emulator in qemu-kvm, a full virtualization solution on x86 hardware. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileges to those of the qemu host process.