2 matches found
CVE-2019-12929
The QMP guestexec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU'...
CVE-2019-12929
Summary: CVE-2019-12929 affects QEMU 4.0.0 and earlier, specifically the QMP guest_exec command. The vulnerability is OS command injection via a crafted QMP command sent to the listening server, which could lead to code execution, denial of service, or information disclosure. Some sources note th...