Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
QEMU 信息泄漏漏洞
Vulnerability Description
QEMU(Quick Emulator)是法国法布里斯-贝拉(Fabrice Bellard)个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 0.9.0版本存在绕过安全机制进行非授权访问导致信息泄漏漏洞。 该漏洞使客户操作系统用户可以使用diskformat:参数读取宿主操作系统上的任意文件。通过-usbdevice选项的参数修改磁盘映像头字段数据,从而识别不同的格式来读取文件。
CVSS Information
N/A
Vulnerability Type
N/A