Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code.
Package | app-emulation/qemu on all architectures |
---|---|
Affected versions | < 4.2.0-r2 |
Unaffected versions | >= 4.2.0-r2 |
QEMU is a generic and open source machine emulator and virtualizer.
Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details.
An attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.
There is no known workaround at this time.
All QEMU users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/qemu-4.2.0-r2"