QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support
is vulnerable to an information leakage issue. It could occur while
processing ‘VIRTIO_GPU_CMD_GET_CAPSET_INFO’ command. A guest user/process
could use this flaw to leak contents of the host memory bytes.
www.openwall.com/lists/oss-security/2016/12/05/22
launchpad.net/bugs/cve/CVE-2016-9845
lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html
nvd.nist.gov/vuln/detail/CVE-2016-9845
security-tracker.debian.org/tracker/CVE-2016-9845
ubuntu.com/security/notices/USN-3261-1
www.cve.org/CVERecord?id=CVE-2016-9845