CVE-2018-12617

Опубликовано: 22 июн. 2018

Источник: redhat

CVSS3: 3.8

EPSS Средний

Описание

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	qemu-kvm	Fix deferred
Red Hat Enterprise Linux 6	virtio-win	Fix deferred
Red Hat Enterprise Linux 7	qemu-guest-agent	Fix deferred
Red Hat Enterprise Linux 7	qemu-kvm	Not affected
Red Hat Enterprise Linux 7	qemu-kvm-ma	Not affected
Red Hat Enterprise Linux 7	qemu-kvm-rhev	Not affected
Red Hat Enterprise Linux 7	virtio-win	Will not fix
Red Hat Enterprise Linux 8	qemu-kvm	Not affected
Red Hat Enterprise Linux 8	virtio-win	Not affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)	qemu-kvm-rhev	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-190

https://bugzilla.redhat.com/show_bug.cgi?id=1594054Qemu: qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read()

EPSS

Процентиль: 97%

0.45671

Средний

3.8 Low

CVSS3

Связанные уязвимости

CVE-2018-12617

CVSS3: 7.5

ubuntu

почти 7 лет назад

CVE-2018-12617

CVSS3: 7.5

nvd

почти 7 лет назад

CVE-2018-12617

CVSS3: 7.5

debian

почти 7 лет назад

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c i ...

openSUSE-SU-2018:2693-1

suse-cvrf

почти 7 лет назад

Security update for qemu

SUSE-SU-2018:2679-1

suse-cvrf

почти 7 лет назад

Security update for qemu

EPSS

Процентиль: 97%

0.45671

Средний

3.8 Low

CVSS3