FreeBSD : qemu -- Heap overflow in QEMU PCNET controller, allowing guest to host escape (CVE-2015-3209) (acd5d037-1c33-11e5-be9c-6805ca1d3bb1)
High Nessus Plugin ID 84438
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe QEMU security team reports :
A guest which has access to an emulated PCNET network device (e.g.
with 'model=pcnet' in their VIF configuration) can exploit this vulnerability to take over the qemu process elevating its privilege to that of the qemu process.
SolutionUpdate the affected packages.