Wind River Support Network

HomeDefectsLIN9-7626

Fixed

LIN9-7626 : Security Advisory - qemu - CVE-2018-10839

Created: Oct 31, 2018 Updated: Jan 21, 2019

Resolved Date: Nov 12, 2018

Found In Version: 9.0.0.18

Fix Version: 9.0.0.19

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.

https://nvd.nist.gov/vuln/detail/CVE-2018-10839

Other Downloads

Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-10839