[vbox-dev] CVE-2015-3456 aka VENOM
Gianfranco Costamagna
costamagnagianfranco at yahoo.it
Tue May 19 09:17:13 GMT 2015
Hi Frank, are you sure the bug is really fixed?
the qemu patch seems to be different from the virtualbox one, and seems that the affected code is not fixed
http://git.qemu.org/?p=qemu.git;a=blobdiff;f=hw/block/fdc.c;h=d8a8edd936f42d4b1d801c996932668e456b5896;hp=f72a39216347e722496797555db9f208b0c5b4b2;hb=e907746266721f305d67bc0718795fedee2e824c;hpb=968bb75c348a401b85e08d5eb1887a3e6c3185f5
e.g.
https://security-tracker.debian.org/tracker/CVE-2015-3456
http://xenbits.xen.org/xsa/advisory-133.html
More information about the vbox-dev
mailing list