Lucene search

PRIOn knowledge basePRION:CVE-2018-20191

HistoryDec 20, 2018 - 11:29 p.m.

Null pointer dereference

2018-12-2023:29:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.9%

JSON

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
ubuntu_linuxeq18.04
ubuntu_linuxeq18.10
fedoraeq29
fedoraeq30
qemule3.1.0

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	18.04
ubuntu_linux	eq	18.10
fedora	eq	29
fedora	eq	30
qemu	le	3.1.0

References

www.openwall.com/lists/oss-security/2018/12/18/1

www.securityfocus.com/bid/106276

lists.fedoraproject.org/archives/list/[email protected]/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/

lists.fedoraproject.org/archives/list/[email protected]/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/

lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html

usn.ubuntu.com/3923-1/