Information Exposure in QEMU's hw/ppc/spapr.c through 3.1.0

Information Exposure in QEMU's hw/ppc/spapr.c through 3.1.0

CVE-2019-8934 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.

Learn more about our Web Application Penetration Testing UK.