CVE-2018-20124

CVE-2018-20124

EPSS 0.5%

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02822.html https://usn.ubuntu.com/3923-1/http://www.openwall.com/lists/oss-security/2018/12/18/2 http://www.securityfocus.com/bid/106290