Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-3812

Опубликовано: 19 фев. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 4.4

Описание

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.

РелизСтатусПримечание
bionic

released

1:2.11+dfsg-1ubuntu7.12
cosmic

released

1:2.12+dfsg-3ubuntu8.6
devel

released

1:3.1+dfsg-2ubuntu3
disco

released

1:3.1+dfsg-2ubuntu3
eoan

released

1:3.1+dfsg-2ubuntu3
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

1:2.11+dfsg-1ubuntu7.12
esm-infra/focal

not-affected

1:3.1+dfsg-2ubuntu3
esm-infra/xenial

not-affected

code not present
focal

released

1:3.1+dfsg-2ubuntu3

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%
0.00078
Низкий

2.1 Low

CVSS2

4.4 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-3812

CVSS3: 4.4
redhat
больше 6 лет назад

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.

nvd логотип

CVE-2019-3812

CVSS3: 4.4
nvd
больше 6 лет назад

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.

debian логотип

CVE-2019-3812

CVSS3: 4.4
debian
больше 6 лет назад

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to ...

github логотип

GHSA-4mh7-g8hh-qp2p

CVSS3: 5.5
github
около 3 лет назад

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.

fstec логотип

BDU:2020-00722

CVSS3: 5.5
fstec
около 6 лет назад

Уязвимость функций i2c_ddc эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 24%
0.00078
Низкий

2.1 Low

CVSS2

4.4 Medium

CVSS3