Lucene search
Redhat.comRH:CVE-2018-16867HistoryApr 05, 2020 - 4:54 p.m.
CVE-2018-16867
2020-04-0516:54:41
redhat.com
access.redhat.com
15
0.001 Low
EPSS
Percentile
26.7%
A flaw was found in QEMU’s Media Transfer Protocol (MTP) where a path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper file name sanitization. Reading and writing of arbitrary files is allowed when a guest device is mounted which may lead to a denial of service scenario or possibly lead to code execution on the host.
Related
nessus
nessus
Oracle Linux 7 : qemu (ELSA-2018-4313)
2023-09-07 00:00:00
Oracle Linux 7 : qemu (ELSA-2018-4312)
2023-09-07 00:00:00
EulerOS 2.0 SP8 : qemu-kvm (EulerOS-SA-2019-1815)
2019-08-27 00:00:00
cve
cve
CVE-2018-16867
2018-12-12 13:29:02
cvelist
cvelist
CVE-2018-16867
2018-12-12 13:00:00
osv
osv
CVE-2018-16867
2018-12-12 13:29:02
debiancve
debiancve
CVE-2018-16867
2018-12-12 13:29:02
nvd
nvd
CVE-2018-16867
2018-12-12 13:29:02
ubuntucve
ubuntucve
CVE-2018-16867
2018-12-12 00:00:00
prion
prion
Path traversal
2018-12-12 13:29:00
oraclelinux
oraclelinux
qemu security update
2018-12-21 00:00:00
qemu security update
2018-12-21 00:00:00
qemu security update
2019-02-22 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-1815)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-3923-1)
2019-03-28 00:00:00
Fedora Update for qemu FEDORA-2019-88a98ce795
2019-05-07 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2019-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: qemu-3.0.0-4.fc29
2019-03-25 06:10:52
[SECURITY] Fedora 29 Update: qemu-3.0.1-3.fc29
2019-05-17 03:18:08
[SECURITY] Fedora 29 Update: qemu-3.0.1-4.fc29
2019-07-09 02:25:09