Qemu VT100 emulation vulnerability
The device model used by fully virtualised (HVM) domains, qemu, does not properly handle escape VT100 sequences when emulating certain devices with a virtual console backend.
lack of check (invalid input)
An attacker who has sufficient privilege to access a vulnerable device within a guest can overwrite portions of the device model’s address space. This can allow them to escalate their privileges to that of the device model process.