PT-2019-12715 · Qemu+2 · Qemu+2

Prasad J Pandit

·

Publicado

2018-12-18

·

Atualizado

2024-08-05

·

CVE-2019-12247

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions QEMU version 3.0.0
Description The issue is related to an Integer Overflow in QEMU 3.0.0, caused by the qga/commands*.c files not checking the length of the argument list or the number of environment variables. However, it has been disputed as not exploitable.
Recommendations For QEMU version 3.0.0, at the moment, there is no information about a newer version that contains a fix for this issue.

Correção

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALT-PU-2018-2870
CVE-2019-12247

Produtos afetados

Alt Linux
Debian
Qemu