From ${URL} : Quick Emulator(Qemu) built with the virtual hardware watchdog 'wdt_i6300esb' support is vulnerable to a memory leakage issue. It could occur while doing a device unplug operation; Doing so repeatedly would result in leaking host memory, affecting other services on the host. A privileged user inside guest could use this flaw to cause a DoS and/or potentially crash the Qemu process on the host. Upstream patch: --------------- -> https://lists.nongnu.org/archive/html/qemu-devel/2016-12/msg03104.html Reference: ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=1415199 Commit: http://git.qemu.org/?p=qemu.git;a=commit;h=eb7a20a3616085d46aa6b4b4224e15587ec67e6e @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Added to an existing GLSA request.
This issue was resolved and addressed in GLSA 201702-28 at https://security.gentoo.org/glsa/201702-28 by GLSA coordinator Thomas Deutschmann (whissi).