hw/ppc/spapr.c in QEMU up to and including 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qemu qemu |
||
opensuse leap 15.0 |
||
opensuse leap 42.3 |