CVE-2018-16847 in QEMUinfo

Zusammenfassung

von MITRE

An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Red Hat, Inc.

Reservieren

11.09.2018

Veröffentlichung

02.11.2018

Moderieren

akzeptiert

Eintrag

VDB-126413

CPE

bereit

CWE

CWE-125 (bestätigt)

CVSS

7.8 (NVD)

EPSS

0.00091

KEV

nein

Aktivitäten

very low

Sektor

Hostingprovider, Energy, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-16847
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-16847
CVE Details	https://www.cvedetails.com/cve/CVE-2018-16847/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!