PT-2018-2213 · Libvirt+6 · Libvirt+6

Denial Berrange

Publicado

2018-03-14

Atualizado

2024-06-15

CVE-2018-1064

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libvirt versions prior to 4.2.0-rc1

Description The issue is related to a resource exhaustion problem due to an incomplete fix that affects QEMU monitor and is also triggered via QEMU guest agent. It is associated with an error that leads to excessive memory consumption when handling a large stream of QEMU data. This could allow a remote attacker to cause a denial of service.

Recommendations For libvirt versions prior to 4.2.0-rc1, update to version 4.2.0-rc1 or later to resolve the issue.

Exploit

Correção

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399CWE-400

Identificadores relacionados

ALT-PU-2018-1530

BDU:2019-00236

CESA-2018_1396

CESA-2018_1929

CVE-2018-1064

DLA-1315-1

DSA-4137-1

MGASA-2018-0186

OPENSUSE-SU-2018_0939-1

OPENSUSE-SU-2024:11008-1

RHSA-2018:1396

RHSA-2018:1929

RHSA-2018_1396

RHSA-2018_1929

SUSE-SU-2018:0838-1

SUSE-SU-2018:0861-1

SUSE-SU-2018:0920-1

SUSE-SU-2018:1295-1

SUSE-SU-2018:2082-1

SUSE-SU-2018:2141-1

USN-3680-1

Produtos afetados

Alt Linux

Centos

Qemu

Red Hat

Suse

Ubuntu

Libvirt

PT-2018-2213 · Libvirt+6 · Libvirt+6

CVE-2018-1064

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 132