CVE-2017-2630 in QEMUinfo

Summary

A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

11/30/2016

Disclosure

07/27/2018

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119

CVSS

7.5

EPSS

0.01134

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-2630
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-2630
CVE Details	https://www.cvedetails.com/cve/CVE-2017-2630/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!