PT-2019-4600 · Qemu+7 · Qemu+7

Cornelius Aschermann

+2

·

Publicado

2019-05-07

·

Atualizado

2024-06-15

·

CVE-2019-12155

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions QEMU versions 3.1.x through 4.0.0
Description The issue is related to a NULL pointer dereference in the interface release resource function in hw/display/qxl.c. This could potentially allow a remote attacker to cause a denial of service. The estimated number of potentially affected devices worldwide is not specified.
Recommendations For QEMU versions 3.1.x through 4.0.0, consider disabling the interface release resource function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

ALSA-2019:3345
ALT-PU-2019-2496
ALT-PU-2019-2534
BDU:2020-00700
CESA-2019_2607
CESA-2019_2892
CESA-2019_3345
CVE-2019-12155
DLA-1927-1
DSA-4454-1
DSA-4454-2
OPENSUSE-SU-2019:2041-1
OPENSUSE-SU-2019:2059-1
OPENSUSE-SU-2019_2041-1
OPENSUSE-SU-2019_2059-1
OPENSUSE-SU-2024:11287-1
RHSA-2019:2607
RHSA-2019:2892
RHSA-2019:3179
RHSA-2019:3345
RHSA-2019:3742
RHSA-2019:3787
RHSA-2019:4344
RHSA-2019_2607
RHSA-2019_2892
RHSA-2019_3345
RHSA-2020:1216
RLSA-2019:3345
SUSE-SU-2019:14151-1
SUSE-SU-2019:14199-1
SUSE-SU-2019:14201-1
SUSE-SU-2019:2157-1
SUSE-SU-2019:2192-1
SUSE-SU-2019:2221-1
SUSE-SU-2019:2246-1
SUSE-SU-2019:2353-1
SUSE-SU-2019_14151-1
SUSE-SU-2019_14199-1
SUSE-SU-2019_2157-1
SUSE-SU-2019_2192-1
SUSE-SU-2019_2221-1
SUSE-SU-2019_2246-1
SUSE-SU-2019_2353-1
SUSE-SU-2020:0388-1
USN-4191-1
USN-4191-2

Produtos afetados

Alt Linux
Almalinux
Centos
Qemu
Red Hat
Rocky Linux
Suse
Ubuntu