Lucene search
K

5 matches found

BDU FSTEC
BDU FSTEC
added 2020/02/27 12:0 a.m.5 views

The vulnerability of the qmp_guest_file_read function in the QEMU hardware emulation software, related to integer overflow, allows a hacker to cause a service failure.

The vulnerability of the qmpguestfileread function in the QEMU hardware emulation software is related to integer overflow. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted QMP agent command through the listening socket...

7.8CVSS6.7AI score0.25348EPSS
Exploits5References8Affected Software4
OSV
OSV
added 2018/09/10 1:51 p.m.5 views

SUSE-SU-2018:2679-1 Security update for qemu

This update for qemu fixes the following issues: This security issue was fixed: - CVE-2018-12617: qmpguestfileread had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket causi...

7.5CVSS6.8AI score0.25348EPSS
Exploits5References7
CNVD
CNVD
added 2018/06/22 12:0 a.m.4 views

QEMU integer overflow vulnerability (CNVD-2018-11977)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. An integer overflow vulnerability exists in the qmpguestfileread routine in the qga/commands-posix.c and qga/commands-win32.c files of qemu-ga...

7.5CVSS6.7AI score0.25348EPSS
Exploits5References1
OSV
OSV
added 2018/06/21 6:29 p.m.2 views

DEBIAN-CVE-2018-12617

qmpguestfileread in qga/commands-posix.c and qga/commands-win32.c in qemu-ga aka QEMU Guest Agent in QEMU 2.12.50 has an integer overflow causing a gmalloc0 call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted Q...

7.5CVSS9.1AI score0.25348EPSS
Exploits5References1
OSV
OSV
added 2018/04/27 3:29 p.m.2 views

DEBIAN-CVE-2018-10472

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users in certain configurations to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...

5.6CVSS6.8AI score0.00373EPSS
Exploits0References1
Rows per page
Query Builder