Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2652: The snapshot mode of Qemu incorrectly handles temporary files used to store the current state, making it vulnerable to symlink attacks due to a race condition. CVE-2012-3515: Qemu does not properly handle VT100 escape sequences when emulating certain devices with a virtual console backend. An attacker within a guest with access to the vulnerable virtual console could overwrite memory of Qemu and escalate privileges to that of the qemu process.