PT-2018-3006 · Qemu+5 · Qemu+5

Jskz

Published

2018-06-07

Updated

2024-06-15

CVE-2018-11806

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Qemu (affected versions not specified)

Description The issue is related to a heap-based buffer overflow in the m cat function in slirp/mbuf.c of Qemu, which can be triggered by incoming fragmented datagrams. This can potentially allow an attacker to impact data integrity, gain unauthorized access to protected information, and cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALT-PU-2018-2161

BDU:2019-03333

CESA-2018_2462

CESA-2019_2892

CVE-2018-11806

DLA-1781-1

DSA-4454-1

DSA-4454-2

OPENSUSE-SU-2018_2211-1

OPENSUSE-SU-2018_2402-1

OPENSUSE-SU-2018_3709-1

OPENSUSE-SU-2024:11287-1

RHSA-2018:2462

RHSA-2018:2762

RHSA-2018:2822

RHSA-2018:2887

RHSA-2018_2462

RHSA-2018_2762

RHSA-2019:2892

RHSA-2019_2892

SUSE-SU-2018:2037-1

SUSE-SU-2018:2056-1

SUSE-SU-2018:2059-1

SUSE-SU-2018:2069-1

SUSE-SU-2018:2081-1

SUSE-SU-2018:2081-2

SUSE-SU-2018:2340-1

SUSE-SU-2018:2528-1

SUSE-SU-2018:2556-1

SUSE-SU-2018:2565-1

SUSE-SU-2018:2615-1

SUSE-SU-2018:2650-1

SUSE-SU-2018:2973-1

SUSE-SU-2018:2973-2

SUSE-SU-2018:3555-1

SUSE-SU-2018_2037-1

SUSE-SU-2018_2056-1

SUSE-SU-2018_2059-1

SUSE-SU-2018_2069-1

SUSE-SU-2018_2081-1

SUSE-SU-2018_2081-2

USN-3826-1

ZDI-18-567

Affected Products

Alt Linux

Centos

Qemu

Red Hat

Suse

Ubuntu

PT-2018-3006 · Qemu+5 · Qemu+5

CVE-2018-11806

Weakness Enumeration

Related Identifiers

Affected Products

References · 336