Rabu, 03 Oktober 2012
Canonical Patches QEMU Vulnerability in Ubuntu OSes
On October 3rd, in a security notice Canonical published details about a QEMU vulnerability for its Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 11.04, and Ubuntu 10.04 LTS operating systems.
According to Canonical, QEMU could have been made to crash or run programs. It was discovered that QEMU incorrectly handled certain VT100 escape sequences. A guest user, with access to an emulated character device, could have used this flaw to cause QEMU to crash, or possibly execute arbitrary code on the host.
The security flaws can be fixed if you upgrade your system(s) to the latest qemu-kvm package, specific to each operating system. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. A system restart won't be necessary to implement the changes, but users have to restart the virtual machine.
Via: Canonical Patches QEMU Vulnerability in Ubuntu OSes