CVE-2018-1064

Опубликовано: 28 мар. 2018

Источник: debian

EPSS Низкий

Описание

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libvirt	fixed	4.1.0-1		package

Примечания

Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=fbf31e1a4cd19d6f6e33e0937a009775cd7d9513

EPSS

Процентиль: 79%

0.01291

Низкий

Связанные уязвимости

CVE-2018-1064

CVSS3: 7.5

ubuntu

больше 7 лет назад

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

CVE-2018-1064

CVSS3: 3.3

redhat

больше 7 лет назад

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

CVE-2018-1064

CVSS3: 7.5

nvd

больше 7 лет назад

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

GHSA-r8xf-5287-837j

CVSS3: 7.5

github

больше 3 лет назад

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

BDU:2019-00236

CVSS3: 5.3

fstec

больше 7 лет назад

Уязвимость библиотеки управления виртуализацией Libvirt, связанная с ошибкой, приводящей к чрезмерному потреблению памяти, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 79%

0.01291

Низкий