CRITICAL🇬🇧 English

CVE-2019-12928

CVSS 9.8v3.0pub. 2019-06-24upd. 2024-11-21

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Qemu

    APP
    Qemu
    ≤ 4.0.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEDoSCommand Injection
CWE
Referencje

Powiązane podatności

CVE-2022-36648CRITICAL10.0ten sam produkt

The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and ear...

CVE-2019-12929CRITICAL9.8ten sam produkt

The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attack...

CVE-2018-20815CRITICAL9.8ten sam produkt

In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer ...

CVE-2018-17963CRITICAL9.8ten sam produkt

qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers...

CVE-2017-7471CRITICAL9.0ten sam produkt

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is ...