Main Vulnerability Database Vulnerabilities #VU16556

Heap out-of-bounds read in QEMU - CVE-2018-16847

Published: December 17, 2018

Vulnerability identifier: #VU16556

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-16847

CWE-ID: CWE-125

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vendor: QEMU

Affected software:
QEMU

Detailed vulnerability description

The vulnerability allows an adjacent attacker to cause DoS condition on the target system.

The vulnerability exists in nvme_cmb_ops routines in nvme device due to OOB heap buffer read access issue in the NVM Express Controller emulation'. An adjacent attacker can crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.

How to mitigate CVE-2018-16847

Install update from vendor's website.

Sources

https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html

Heap out-of-bounds read in QEMU - CVE-2018-16847

Detailed vulnerability description

How to mitigate CVE-2018-16847

Sources

Please verify you're human