QEMU: Multiple vulnerabilities Multiple vulnerabilities have been found in QEMU, the worst of which may allow an attacker to execute arbitrary code. qemu 2018-04-08 2018-04-08 629348 638506 643432 646814 649616 local, remote 2.11.1-r1 2.11.1-r1

QEMU is a generic and open source machine emulator and virtualizer.

Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details.

An attacker could execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information.

There is no known workaround at this time.

All QEMU users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/qemu-2.11.1-r1" CVE-2017-13672 CVE-2017-15124 CVE-2017-16845 CVE-2017-17381 CVE-2017-18030 CVE-2017-18043 CVE-2017-5715 CVE-2018-5683 CVE-2018-5748 CVE-2018-7550 chrisadr b-man