Thanks for the additional details; I do not think this would be a security problem but rather just regular bugs -- the configuration file is similar to typing command line arguments at the shell, since they can specify to write to any file the user has access to, or pass-through PCI devices from the host to guests. It would not be appropriate to use a supplied configuration file without inspecting it first.
I've filed a report with upstream bochs bug tracker: https://sourceforge.net/p/bochs/bugs/1347/ Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1313194 Title: Bochs Multiple Vulnerabilities To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bochs/+bug/1313194/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
