0.001 Low
EPSS
Percentile
26.7%
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
bugzilla.redhat.com/show_bug.cgi?id=1644973
www.cve.org/CVERecord?id=CVE-2018-18849 https://nvd.nist.gov/vuln/detail/CVE-2018-18849