Medium severity5.5NVD Advisory· Published Jul 27, 2018· Updated Jun 17, 2026
CVE-2017-2630
CVE-2017-2630
Description
A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- www.openwall.com/lists/oss-security/2017/02/15/2nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- lists.gnu.org/archive/html/qemu-devel/2017-02/msg01246.htmlnvdPatchThird Party Advisory
- www.securityfocus.com/bid/96265nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:2392nvdThird Party Advisory
- security.gentoo.org/glsa/201704-01nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvd
- github.com/qemu/qemu/commit/2563c9c6b8670400c48e562034b321a7cf3d9a85nvd
News mentions
0No linked articles in our index yet.