4 matches found
CVE-2018-10908
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could...
CVE-2018-10908
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could...
CVE-2018-10908
CVE-2018-10908 affects vdsm prior to 4.20.37. The issue arises when vdsm invokes qemu-img on untrusted inputs without limiting resources, enabling an attacker to cause unbounded memory/CPU usage and a denial of service affecting other host users. Documented impact: local access required; CVSS vec...
CVE-2018-10908
It was found that vdsm would invoke qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact...