Wind River Support Network

HomeDefectsLIN10-4196
Fixed

LIN10-4196 : Security Advisory - qemu - CVE-2017-15118

Created: Jun 29, 2018    Updated: Dec 3, 2018
Resolved Date: Jul 10, 2018
Found In Version: 10.17.41.1
Fix Version: 10.17.41.9
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu allowing client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, allowing to cause out-of-bounds stack write in qemu process.

https://nvd.nist.gov/vuln/detail/CVE-2017-15118

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube