PRIOn knowledge basePRION:CVE-2018-19665

HistoryDec 06, 2018 - 11:29 p.m.

Memory corruption

2018-12-0623:29:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.1%

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.

CPENameOperatorVersion
leapeq42.3
qemueq3.1.0 rc0
qemule3.0.1

Name	Operator	Version
leap	eq	42.3
qemu	eq	3.1.0 rc0
qemu	le	3.0.1

References

lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html

www.openwall.com/lists/oss-security/2018/11/29/1

www.securityfocus.com/bid/106050

lists.gnu.org/archive/html/qemu-devel/2018-11/msg03570.html