Lucene search

K

PRIOn knowledge basePRION:CVE-2017-2630

HistoryJul 27, 2018 - 6:29 p.m.

Stack overflow

2018-07-2718:29:00

PRIOn knowledge base

www.prio-n.com

3

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.8%

A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server’s response to a ‘NBD_OPT_LIST’ request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process.

CPENameOperatorVersion
qemult2.9

References

www.openwall.com/lists/oss-security/2017/02/15/2

www.securityfocus.com/bid/96265

access.redhat.com/errata/RHSA-2017:2392

bugzilla.redhat.com/show_bug.cgi?id=1422415

bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2630

github.com/qemu/qemu/commit/2563c9c6b8670400c48e562034b321a7cf3d9a85

lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.html

security.gentoo.org/glsa/201704-01

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.8%

Related for PRION:CVE-2017-2630

cve1 redhatcve1 ubuntucve1 veracode1 cvelist1 nvd1 debiancve1 osv1 gentoo1 nessus6 oraclelinux6 redhat1