Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-12617

Опубликовано: 21 июн. 2018
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 5
CVSS3: 7.5

Описание

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

1:2.11+dfsg-1ubuntu7.8
cosmic

released

1:2.12+dfsg-3ubuntu8.1
devel

released

1:2.12+dfsg-3ubuntu9
disco

released

1:2.12+dfsg-3ubuntu9
eoan

released

1:2.12+dfsg-3ubuntu9
esm-infra-legacy/trusty

released

2.0.0+dfsg-2ubuntu1.44
esm-infra/bionic

released

1:2.11+dfsg-1ubuntu7.8
esm-infra/focal

released

1:2.12+dfsg-3ubuntu9
esm-infra/xenial

released

1:2.5+dfsg-5ubuntu10.33

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 94%
0.12692
Средний

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-12617

CVSS3: 3.8
redhat
больше 7 лет назад

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.

nvd логотип

CVE-2018-12617

CVSS3: 7.5
nvd
больше 7 лет назад

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.

debian логотип

CVE-2018-12617

CVSS3: 7.5
debian
больше 7 лет назад

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c i ...

suse-cvrf логотип

openSUSE-SU-2018:2693-1

suse-cvrf
около 7 лет назад

Security update for qemu

suse-cvrf логотип

SUSE-SU-2018:2679-1

suse-cvrf
около 7 лет назад

Security update for qemu

EPSS

Процентиль: 94%
0.12692
Средний

5 Medium

CVSS2

7.5 High

CVSS3