cpe:/a:qemu:qemu:2.9.1 CVE-2017-15038 2017-10-09T21:30:22.127-04:00 2018-09-07T06:29:02.617-04:00 1.9 LOCAL MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov DEBIAN DSA-4213 UBUNTU USN-3575-1 MLIST [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update MLIST [oss-security] 20171006 CVE-2017-15038 Qemu: 9p: virtfs: information disclosure when reading extended attributes MLIST [qemu-devel] 20171004 Re: [PATCH] 9pfs: use g_malloc0 to allocate space for xattr Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes.