Medium severity5.8NVD Advisory· Published Jul 27, 2018· Updated Jun 17, 2026
CVE-2017-15119
CVE-2017-15119
Description
The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords7 versionspkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
< 2.6.2-41.37.1+ 6 more
- (no CPE)range: < 2.6.2-41.37.1
- (no CPE)range: < 2.9.1-6.12.1
- (no CPE)range: < 2.6.2-41.37.1
- (no CPE)range: < 2.9.1-6.12.1
- (no CPE)range: < 2.6.2-41.37.1
- (no CPE)range: < 2.6.2-41.37.1
- (no CPE)range: < 2.9.1-6.12.1
Patches
Vulnerability mechanics
References
8- www.openwall.com/lists/oss-security/2017/11/28/9nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- www.securityfocus.com/bid/102011nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2018:1104nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:1113nvdThird Party Advisory
- lists.gnu.org/archive/html/qemu-devel/2017-11/msg05044.htmlnvdMailing ListThird Party Advisory
- usn.ubuntu.com/3575-1/nvdThird Party Advisory
- www.debian.org/security/2018/dsa-4213nvdThird Party Advisory
News mentions
0No linked articles in our index yet.