CVE

CVE-2016-4020 (qemu)

admin

CVE-2016-4020 (qemu)

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priorty Register (TPR).

Source: CVE-2016-4020 (qemu)

Exit mobile version