CVE-2018-20124

CVE-2018-20124

EPSS 0.5%

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02822.html https://usn.ubuntu.com/3923-1/http://www.openwall.com/lists/oss-security/2018/12/18/2 http://www.securityfocus.com/bid/106290