I skimmed most of the article, glad to see it's been patched.
It looks like the attack vector requires access to a VM on the host machine i.e. public cloud/VPS.
So maybe not a huge risk exclusively for self hosted configurations?
this post was submitted on 11 Sep 2025
53 points (100.0% liked)
Selfhosted
51532 readers
288 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Mostly no, unless you expose your VM to the Internet or run untrusted code.
Anybody who does docker compose pull for any service?
It's a QEMU specific vulnerability.
It is a CPU vulnerability, so while the researchers used QEMU for their example, it is not necessarily specific to it.