Information Disclosure
qemu is vulnerable to information disclosure. The vulnerability was found in the virtio vhost-user GPU device due to a flaw in virglcmdgetcapsetinfo in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory...