From http://www.openwall.com/lists/oss-security/2016/10/28/3: Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to a memory leakage issue. It could occur when calling v9fs_link call. A privileged user inside guest could use this flaw to leak the host memory bytes resulting in DoS for other services. Upstream patches: ----------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html Reference: ---------- -> http://wiki.qemu.org/Documentation/9psetup From http://www.openwall.com/lists/oss-security/2016/10/28/2: Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an integer overflow issue. It could occur by accessing xattributes values. A privileged user inside guest could use this flaw to crash the Qemu process instance resulting in DoS. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html Reference: ---------- -> http://wiki.qemu.org/Documentation/9psetup From http://www.openwall.com/lists/oss-security/2016/10/28/1: Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an information leakage issue. It could occur by accessing xattribute value before it's written to. A privileged user inside guest could use this flaw to leak host memory bytes. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html Reference: ---------- -> http://wiki.qemu.org/Documentation/9psetup From http://www.openwall.com/lists/oss-security/2016/10/27/15: Quick Emulator(Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to memory leakage issue. It could occur while creating extended attribute via 'Txattrcreate' message. A privileged user inside guest could use this flaw to leak host memory, thus affecting other services on the host and/or potentially crash the Qemu process on the host. Upstream patches: ----------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html Reference: ---------- -> http://wiki.qemu.org/Documentation/9psetup -> https://bugzilla.redhat.com/show_bug.cgi?id=1389550 All issues was reported by Li Qiang of 360.cn Inc. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Stabilization on bug #598772
This issue was resolved and addressed in GLSA 201611-11 at https://security.gentoo.org/glsa/201611-11 by GLSA coordinator Aaron Bauman (b-man).