Описание
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
Релиз | Статус | Примечание |
---|---|---|
bionic | not-affected | code not present |
cosmic | released | 1:2.12+dfsg-3ubuntu8.6 |
devel | not-affected | 1:3.1+dfsg-2ubuntu1 |
esm-infra-legacy/trusty | not-affected | code not present |
esm-infra/bionic | not-affected | code not present |
esm-infra/xenial | not-affected | code not present |
precise/esm | DNE | |
trusty | not-affected | code not present |
trusty/esm | not-affected | code not present |
upstream | needs-triage |
Показывать по
Релиз | Статус | Примечание |
---|---|---|
bionic | DNE | |
cosmic | DNE | |
devel | DNE | |
esm-infra-legacy/trusty | DNE | |
precise/esm | not-affected | code not present |
trusty | DNE | |
trusty/esm | DNE | |
upstream | needs-triage | |
xenial | DNE |
Показывать по
EPSS
4.4 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
A flaw was found in qemu Media Transfer Protocol (MTP) before version ...
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
EPSS
4.4 Medium
CVSS2
7.8 High
CVSS3