Virtualization Security Vulnerabilities and Issues — Virtualization CVE List

Lucene search

RedhatVirtualization

5 matches found

CVE•added 2018/10/31 7:29 p.m.•177 views

CVE-2018-14659

The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling 'setxattr(2)' to trigger a state dump and cr...

6.5CVSS7AI score0.02738EPSS

CVE•added 2018/10/31 7:29 p.m.•176 views

CVE-2018-14654

The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY' xattrop to create arbitrary, empty files on the target server.

8.5CVSS7.1AI score0.02212EPSS

CVE•added 2018/10/31 8:29 p.m.•141 views

CVE-2018-14661

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service.

6.5CVSS6.9AI score0.03273EPSS

CVE•added 2018/10/09 10:29 p.m.•131 views

CVE-2018-17958

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

7.5CVSS8.4AI score0.02604EPSS

CVE•added 2018/10/09 10:29 p.m.•114 views

CVE-2018-17963

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.

9.8CVSS9.7AI score0.04723EPSS