https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3209 A guest which has access to an emulated PCNET network device (e.g. with "model=pcnet" in their VIF configuration) can exploit this vulnerability to take over the qemu process elevating its privilege to that of the qemu process. Check if it applies to emulators/qemu emulators/qemu-devel emulators/qemu-sbruno emulators/qemu-user-static
emulators/qemu-sbruno emulators/qemu-user-static These two port aren't used to generate qemu-system binaries. The qemu-user-static is a slave port to qemu-sbruno, and the code in qemu-user-static does have this vulnerability if it is used to generate qemu-system binaries.
A commit references this bug: Author: nox Date: Fri Jun 26 19:13:32 UTC 2015 New revision: 390663 URL: https://svnweb.freebsd.org/changeset/ports/390663 Log: Document qemu pcnet guest to host escape vulnerability - CVE-2015-3209 PR: 201064 Submitted by: koobs Security: https://vuxml.FreeBSD.org/freebsd/acd5d037-1c33-11e5-be9c-6805ca1d3bb1.html Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: nox Date: Fri Jun 26 19:14:43 UTC 2015 New revision: 390664 URL: https://svnweb.freebsd.org/changeset/ports/390664 Log: - Apply fixes for pcnet guest to host escape vulnerability - CVE-2015-3209. - Bump PORTREVISIONs. PR: 201064 Submitted by: koobs Security: https://vuxml.FreeBSD.org/freebsd/acd5d037-1c33-11e5-be9c-6805ca 1d3bb1.html Changes: head/emulators/qemu/Makefile head/emulators/qemu/files/patch-CVE-2015-3209 head/emulators/qemu-devel/Makefile head/emulators/qemu-devel/files/patch-CVE-2015-3209 head/emulators/qemu-sbruno/Makefile head/emulators/qemu-sbruno/files/patch-CVE-2015-3209
Committed. Thanks!