Path traversal

2018-12-1213:29:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.7%

JSON

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
ubuntu_linuxeq18.04
ubuntu_linuxeq18.10
fedoraeq29
qemule3.0.0
qemueq3.1.0 rc1
qemueq3.1.0 rc2
qemueq3.1.0 rc0
qemueq3.1.0 rc3

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	18.04
ubuntu_linux	eq	18.10
fedora	eq	29
qemu	le	3.0.0
qemu	eq	3.1.0 rc1
qemu	eq	3.1.0 rc2
qemu	eq	3.1.0 rc0
qemu	eq	3.1.0 rc3