Your submission was sent successfully! Close

CVE-2018-20124

Published: 20 December 2018

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian 		bionic Not vulnerable
(code not present)
cosmic
Released (1:2.12+dfsg-3ubuntu8.6)
precise Does not exist

trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Not vulnerable
(code not present)
qemu-kvm
Launchpad, Ubuntu, Debian 		bionic Does not exist

cosmic Does not exist

precise Not vulnerable
(code not present)
trusty Does not exist

upstream Needs triage

xenial Does not exist

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading