QEMU Vulnerability Exposes The Host Through Emulated CD-ROM Drive

37

Back in May was the big “VENOM” security vulnerability affect QEMU whereby VM security could be escaped through QEMU’s virtual floppy disk drive. In June was a PCNET controller buffer overflow allowing a guest to escape to have host access. Today there’s a similar security vulnerability going public about its virtual CD-ROM drive…

Read more at Phoronix