QEMU: Multiple vulnerabilities
Multiple vulnerabilities have been found in QEMU, the worst of
which may allow a remote attacker to cause a Denial of Service or gain
elevated privileges from a guest VM.
qemu
2017-06-06
2017-06-06
614744
615874
616460
616462
616482
616484
616636
616870
616872
616874
618808
619018
619020
620322
local, remote
2.9.0-r2
2.9.0-r2
QEMU is a generic and open source machine emulator and virtualizer.
Multiple vulnerabilities have been discovered in QEMU. Please review the
CVE identifiers referenced below for details.
A remote attacker might cause a Denial of Service or gain escalated
privileges from a guest VM.
There is no known workaround at this time.
All QEMU users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/qemu-2.9.0-r2"
CVE-2016-9603
CVE-2017-7377
CVE-2017-7471
CVE-2017-7493
CVE-2017-7718
CVE-2017-7980
CVE-2017-8086
CVE-2017-8112
CVE-2017-8309
CVE-2017-8379
CVE-2017-8380
CVE-2017-9060
CVE-2017-9310
CVE-2017-9330
BlueKnight
whissi