Privilege Escalation via Crafted VT100 Sequence in Qemu

Privilege Escalation via Crafted VT100 Sequence in Qemu

CVE-2012-3515 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."

Learn more about our User Device Pen Test.