CVE-2018-15746 – QEMU: seccomp: blacklist is not applied to all threads

https://notcve.org/view.php?id=CVE-2018-15746

qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. qemu-seccomp.c en QEMU podría permitir que usuarios locales del sistema operativo provoquen una denegación de servicio (cierre inesperado del guest) aprovechando la gestión incorrecta de la política seccomp para hilos diferentes al principal. • http://www.openwall.com/lists/oss-security/2018/08/28/6 https://access.redhat.com/errata/RHSA-2019:2425 https://lists.gnu.org/archive/html/qemu-devel/2018-08/msg04892.html https://access.redhat.com/security/cve/CVE-2018-15746 https://bugzilla.redhat.com/show_bug.cgi?id=1615637 • CWE-184: Incomplete List of Disallowed Inputs •