Red Hat Security Advisory 2014-1669-02

Red Hat Security Advisory 2014-1669-02 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU’s VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest. This issue was discovered by Laszlo Ersek of Red Hat.

Leave a Reply