Fedora 8 : qemu-0.9.0-6.fc8 (2008-1995)
Medium Nessus Plugin ID 31181
SynopsisThe remote Fedora host is missing a security update.
DescriptionIan Jackson discovered that accesses beyond end of qemu emulated disk devices can result in accesses to emulator's virtual memory space accesses and thus can allow user with sufficient privilege in guest (root, as this would need modification to kernel's driver) to break out of VM. http://marc.info/?l =debian-security&m=120343592917055&w=2
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected qemu package.