Main Vulnerability Database Vulnerabilities #VU16556

#VU16556 Heap out-of-bounds read in QEMU - CVE-2018-16847

Published: December 17, 2018

Vulnerability identifier: #VU16556

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-16847

CWE-ID: CWE-125

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
QEMU

Software vendor:
QEMU

Description

The vulnerability allows an adjacent attacker to cause DoS condition on the target system.

The vulnerability exists in nvme_cmb_ops routines in nvme device due to OOB heap buffer read access issue in the NVM Express Controller emulation'. An adjacent attacker can crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.

Remediation

Install update from vendor's website.

External links

https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html