Home CVE Database CVE-2017-15118

CVE-2017-15118

Description

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu allowing client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, allowing to cause out-of-bounds stack write in qemu process.

Priority: HIGH
CVSS v3: 9.8
Publish Date: Jun 21, 2018
Related ID: --
CVSS v2: CRITICAL
Modified Date: Jun 21, 2018

Find out more about CVE-2017-15118 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Fixed LIN10-4196
10.17.41.9 Wind River Linux LTS 10.17.41.9
Wind River Linux LTS 10.17.41.10
Wind River Linux LTS 10.17.41.11
Wind River Linux LTS 10.17.41.12
Wind River Linux LTS 10.17.41.13
Wind River Linux LTS 10.17.41.14
Wind River Linux LTS 10.17.41.15
Wind River Linux LTS 10.17.41.16
Wind River Linux LTS 10.17.41.17
Wind River Linux LTS 10.17.41.18
Wind River Linux LTS 10.17.41.20
Wind River Linux LTS 10.17.41.21
Wind River Linux LTS 10.17.41.22
Wind River Linux 9 Not Vulnerable -- -- --
Wind River Linux 8 Not Vulnerable -- -- --
Wind River Linux LTS 18 Not Vulnerable -- -- --
Wind River Linux LTS 19 Not Vulnerable -- -- --
Wind River Linux CD release Not Vulnerable -- -- --
VxWorks
VxWorks 7 Not Vulnerable -- -- --
VxWorks 6.9 Not Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

qemu

Live chat
Online