usn-3826-1
Vulnerability from osv_ubuntu
Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-10839)
It was discovered that QEMU incorrectly handled the Slirp networking back-end. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-11806)
Fakhri Zulkifli discovered that the QEMU guest agent incorrectly handled certain QMP commands. An attacker could possibly use this issue to crash the QEMU guest agent, resulting in a denial of service. (CVE-2018-12617)
Li Qiang discovered that QEMU incorrectly handled NVM Express Controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16847)
Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled RTL8139 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-17958)
Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled PCNET device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-17962)
Daniel Shapira discovered that QEMU incorrectly handled large packet sizes. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-17963)
It was discovered that QEMU incorrectly handled LSI53C895A device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-18849)
Moguofang discovered that QEMU incorrectly handled the IPowerNV LPC controller. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-18954)
Zhibin Hu discovered that QEMU incorrectly handled the Plan 9 File System support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-19364)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2018-10839",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-11806",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-12617",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17958",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17962",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17963",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-18849",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-19364",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-keymaps",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-kvm",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-common",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-user",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-user-static",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
},
{
"binary_name": "qemu-utils",
"binary_version": "2.0.0+dfsg-2ubuntu1.44"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@2.0.0+dfsg-2ubuntu1.44?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.0+dfsg-2ubuntu1.44"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.5.0+dfsg-3ubuntu5",
"1.5.0+dfsg-3ubuntu6",
"1.6.0+dfsg-2ubuntu1",
"1.6.0+dfsg-2ubuntu2",
"1.6.0+dfsg-2ubuntu3",
"1.6.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu1",
"1.7.0+dfsg-2ubuntu2",
"1.7.0+dfsg-2ubuntu3",
"1.7.0+dfsg-2ubuntu4",
"1.7.0+dfsg-2ubuntu5",
"1.7.0+dfsg-2ubuntu7",
"1.7.0+dfsg-2ubuntu8",
"1.7.0+dfsg-2ubuntu9",
"1.7.0+dfsg-3ubuntu1~ppa1",
"1.7.0+dfsg-3ubuntu1",
"1.7.0+dfsg-3ubuntu2",
"1.7.0+dfsg-3ubuntu3",
"1.7.0+dfsg-3ubuntu4",
"1.7.0+dfsg-3ubuntu5",
"1.7.0+dfsg-3ubuntu6",
"1.7.0+dfsg-3ubuntu7",
"2.0.0~rc1+dfsg-0ubuntu1",
"2.0.0~rc1+dfsg-0ubuntu2",
"2.0.0~rc1+dfsg-0ubuntu3",
"2.0.0~rc1+dfsg-0ubuntu3.1",
"2.0.0+dfsg-2ubuntu1",
"2.0.0+dfsg-2ubuntu1.1",
"2.0.0+dfsg-2ubuntu1.2",
"2.0.0+dfsg-2ubuntu1.3",
"2.0.0+dfsg-2ubuntu1.5",
"2.0.0+dfsg-2ubuntu1.6",
"2.0.0+dfsg-2ubuntu1.7",
"2.0.0+dfsg-2ubuntu1.8",
"2.0.0+dfsg-2ubuntu1.9",
"2.0.0+dfsg-2ubuntu1.10",
"2.0.0+dfsg-2ubuntu1.11",
"2.0.0+dfsg-2ubuntu1.13",
"2.0.0+dfsg-2ubuntu1.14",
"2.0.0+dfsg-2ubuntu1.15",
"2.0.0+dfsg-2ubuntu1.16",
"2.0.0+dfsg-2ubuntu1.17",
"2.0.0+dfsg-2ubuntu1.18",
"2.0.0+dfsg-2ubuntu1.19",
"2.0.0+dfsg-2ubuntu1.20",
"2.0.0+dfsg-2ubuntu1.21",
"2.0.0+dfsg-2ubuntu1.22",
"2.0.0+dfsg-2ubuntu1.24",
"2.0.0+dfsg-2ubuntu1.25",
"2.0.0+dfsg-2ubuntu1.26",
"2.0.0+dfsg-2ubuntu1.27",
"2.0.0+dfsg-2ubuntu1.28",
"2.0.0+dfsg-2ubuntu1.29",
"2.0.0+dfsg-2ubuntu1.30",
"2.0.0+dfsg-2ubuntu1.31",
"2.0.0+dfsg-2ubuntu1.32",
"2.0.0+dfsg-2ubuntu1.33",
"2.0.0+dfsg-2ubuntu1.34",
"2.0.0+dfsg-2ubuntu1.35",
"2.0.0+dfsg-2ubuntu1.36",
"2.0.0+dfsg-2ubuntu1.38",
"2.0.0+dfsg-2ubuntu1.39",
"2.0.0+dfsg-2ubuntu1.40",
"2.0.0+dfsg-2ubuntu1.41",
"2.0.0+dfsg-2ubuntu1.42",
"2.0.0+dfsg-2ubuntu1.43"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2018-10839",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-11806",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-12617",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17958",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17962",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17963",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-18849",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-19364",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:16.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-aarch64",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.5+dfsg-5ubuntu10.33"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.33?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.5+dfsg-5ubuntu10.33"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.3+dfsg-5ubuntu9",
"1:2.3+dfsg-5ubuntu10",
"1:2.4+dfsg-4ubuntu1",
"1:2.4+dfsg-4ubuntu2",
"1:2.4+dfsg-4ubuntu3",
"1:2.4+dfsg-5ubuntu3",
"1:2.5+dfsg-1ubuntu2",
"1:2.5+dfsg-1ubuntu3",
"1:2.5+dfsg-1ubuntu4",
"1:2.5+dfsg-1ubuntu5",
"1:2.5+dfsg-5ubuntu1",
"1:2.5+dfsg-5ubuntu2",
"1:2.5+dfsg-5ubuntu4",
"1:2.5+dfsg-5ubuntu6",
"1:2.5+dfsg-5ubuntu7",
"1:2.5+dfsg-5ubuntu10",
"1:2.5+dfsg-5ubuntu10.1",
"1:2.5+dfsg-5ubuntu10.2",
"1:2.5+dfsg-5ubuntu10.3",
"1:2.5+dfsg-5ubuntu10.4",
"1:2.5+dfsg-5ubuntu10.5",
"1:2.5+dfsg-5ubuntu10.6",
"1:2.5+dfsg-5ubuntu10.7",
"1:2.5+dfsg-5ubuntu10.8",
"1:2.5+dfsg-5ubuntu10.9",
"1:2.5+dfsg-5ubuntu10.10",
"1:2.5+dfsg-5ubuntu10.11",
"1:2.5+dfsg-5ubuntu10.13",
"1:2.5+dfsg-5ubuntu10.14",
"1:2.5+dfsg-5ubuntu10.15",
"1:2.5+dfsg-5ubuntu10.16",
"1:2.5+dfsg-5ubuntu10.20",
"1:2.5+dfsg-5ubuntu10.21",
"1:2.5+dfsg-5ubuntu10.22",
"1:2.5+dfsg-5ubuntu10.24",
"1:2.5+dfsg-5ubuntu10.25",
"1:2.5+dfsg-5ubuntu10.26",
"1:2.5+dfsg-5ubuntu10.28",
"1:2.5+dfsg-5ubuntu10.29",
"1:2.5+dfsg-5ubuntu10.30",
"1:2.5+dfsg-5ubuntu10.31",
"1:2.5+dfsg-5ubuntu10.32"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2018-10839",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-11806",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-12617",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-16847",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17958",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17962",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-17963",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-18849",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-18954",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-19364",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:18.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "qemu",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-block-extra",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-guest-agent",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-kvm",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-arm",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-common",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-mips",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-misc",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-ppc",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-s390x",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-sparc",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-system-x86",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-user",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-user-binfmt",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-user-static",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
},
{
"binary_name": "qemu-utils",
"binary_version": "1:2.11+dfsg-1ubuntu7.8"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "qemu",
"purl": "pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.8?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:2.11+dfsg-1ubuntu7.8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.10+dfsg-0ubuntu3",
"1:2.10+dfsg-0ubuntu4",
"1:2.10+dfsg-0ubuntu5",
"1:2.11+dfsg-1ubuntu1",
"1:2.11+dfsg-1ubuntu2",
"1:2.11+dfsg-1ubuntu4",
"1:2.11+dfsg-1ubuntu5",
"1:2.11+dfsg-1ubuntu6",
"1:2.11+dfsg-1ubuntu7",
"1:2.11+dfsg-1ubuntu7.1",
"1:2.11+dfsg-1ubuntu7.2",
"1:2.11+dfsg-1ubuntu7.3",
"1:2.11+dfsg-1ubuntu7.4",
"1:2.11+dfsg-1ubuntu7.5",
"1:2.11+dfsg-1ubuntu7.6",
"1:2.11+dfsg-1ubuntu7.7"
]
}
],
"aliases": [],
"details": "Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled\nNE2000 device emulation. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service. (CVE-2018-10839)\n\nIt was discovered that QEMU incorrectly handled the Slirp networking\nback-end. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service, or possibly execute\narbitrary code on the host. In the default installation, when QEMU is used\nwith libvirt, attackers would be isolated by the libvirt AppArmor profile.\nThis issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu\n18.04 LTS. (CVE-2018-11806)\n\nFakhri Zulkifli discovered that the QEMU guest agent incorrectly handled\ncertain QMP commands. An attacker could possibly use this issue to crash\nthe QEMU guest agent, resulting in a denial of service. (CVE-2018-12617)\n\nLi Qiang discovered that QEMU incorrectly handled NVM Express Controller\nemulation. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service, or possibly execute arbitrary\ncode on the host. In the default installation, when QEMU is used with\nlibvirt, attackers would be isolated by the libvirt AppArmor profile. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16847)\n\nDaniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled\nRTL8139 device emulation. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service. (CVE-2018-17958)\n\nDaniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled\nPCNET device emulation. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service. (CVE-2018-17962)\n\nDaniel Shapira discovered that QEMU incorrectly handled large packet sizes.\nAn attacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service. (CVE-2018-17963)\n\nIt was discovered that QEMU incorrectly handled LSI53C895A device\nemulation. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service. (CVE-2018-18849)\n\nMoguofang discovered that QEMU incorrectly handled the IPowerNV LPC\ncontroller. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service. This issue only affected Ubuntu\n18.04 LTS and Ubuntu 18.10. (CVE-2018-18954)\n\nZhibin Hu discovered that QEMU incorrectly handled the Plan 9 File System\nsupport. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service. (CVE-2018-19364)\n",
"id": "USN-3826-1",
"modified": "2026-05-04T08:28:13Z",
"published": "2018-11-26T14:23:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-3826-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-10839"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-11806"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-12617"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-16847"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-17958"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-17962"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-17963"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-18849"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-18954"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-19364"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "qemu vulnerabilities",
"upstream": [
"UBUNTU-CVE-2018-10839",
"UBUNTU-CVE-2018-11806",
"UBUNTU-CVE-2018-12617",
"UBUNTU-CVE-2018-16847",
"UBUNTU-CVE-2018-17958",
"UBUNTU-CVE-2018-17962",
"UBUNTU-CVE-2018-17963",
"UBUNTU-CVE-2018-18849",
"UBUNTU-CVE-2018-18954",
"UBUNTU-CVE-2018-19364"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.